2744 matches found
Ghostscript -- Security bypass vulnerability
Cedric Buissart Red Hat reports: It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by...
[SECURITY] Fedora 28 Update: ghostscript-9.26-3.fc28
This package provides useful conversion utilities based on Ghostscript soft ware, for converting PS, PDF and other document formats between each other. Ghostscript is a suite of software providing an interpreter for Adobe Syste ms' PostScript PS and Portable Document Format PDF page description...
EulerOS Virtualization 2.5.2 : ghostscript (EulerOS-SA-2019-1088)
According to the version of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to...
EulerOS Virtualization 2.5.2 : ghostscript (EulerOS-SA-2019-1087)
According to the versions of the ghostscript package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does...
SRC-2019-0065 : Adobe Acrobat Pro DC ASCII85Decode filter Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
Ubuntu: Security Advisory (USN-3866-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3866-3 ghostscript regression
USN-3866-2 fixed a regression in Ghostscript. The Ghostscript update introduced a new regression that resulted in certain pages being printed with a blue background. This update fixes the problem. Original advisory details: Tavis Ormandy discovered that Ghostscript incorrectly handled certain...
USN-3866-3: Ghostscript regression
USN-3866-2 fixed a regression in Ghostscript. The Ghostscript update introduced a new regression that resulted in certain pages being printed with a blue background. This update fixes the problem. Original advisory details: Tavis Ormandy discovered that Ghostscript incorrectly handled certain...
SRC-2019-0066 : Adobe Acrobat Pro DC Type 2 Charstring put Out-of-Bounds Write Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2019-0067 : Adobe Acrobat Pro DC Type 2 Charstring put Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2019-0074 : Adobe Acrobat Pro DC Type 2 Charstring put Out-of-Bounds Write Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2019-0070 : Adobe Acrobat Pro DC Type 2 Charstring put Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2019-0068 : Adobe Acrobat Pro DC Type 2 Charstring put Out-of-Bounds Write Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2019-0069 : Adobe Acrobat Pro DC Type 2 Charstring put Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Ghostscript regression (USN-3866-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3866-2 advisory. USN-3866-1 fixed vulnerabilities in Ghostscript. The new Ghostscript version introduced a regression when printing certain page sizes. Thi...
USN-3866-2: Ghostscript regression
USN-3866-1 fixed vulnerabilities in Ghostscript. The new Ghostscript version introduced a regression when printing certain page sizes. This update fixes the problem. Original advisory details: Tavis Ormandy discovered that Ghostscript incorrectly handled certain PostScript files. If a user or...
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Acrobat Pro DC PostScript File Parsing Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Debian DLA-1670-1 : ghostscript security update
Tavis Ormandy discovered a vulnerability in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed despite the -dSAFER sandbox being enabled. For Debian 8 'Jessie', this problem has been...