2744 matches found
DEBIAN-CVE-2017-9835
The gsallocrefarray function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer...
CVE-2017-9835
The gsallocrefarray function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer...
Integer overflow
The gsallocrefarray function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer...
UBUNTU-CVE-2017-9835
The gsallocrefarray function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer...
FontForge buffer overflow vulnerability (CNVD-2017-18538)
FontForge is an open source font editing tool that supports multiple languages. A buffer overflow vulnerability exists in ValidatePostScriptFontName in FontForge version 20161012. An attacker can exploit this vulnerability with a specially crafted otf file to cause a denial of service or execute...
ImageMagick Denial of Service Vulnerability (CNVD-2017-18116)
ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A denial of service vulnerability exists in the 'WritePSImage' function in the coders/ps.c file in ImageMagick version...
UBUNTU-CVE-2017-11573
FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName parsettf.c resulting in DoS or code execution via a crafted otf file...
DEBIAN-CVE-2017-11535
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WritePSImage function in coders/ps.c...
[SECURITY] Fedora 25 Update: evince-3.22.1-5.fc25
Evince is simple multi-page document viewer. It can display and print Portable Document Format PDF, PostScript PS and Encapsulated PostScript EPS files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents...
[SECURITY] Fedora 26 Update: evince-3.24.0-3.fc26
Evince is simple multi-page document viewer. It can display and print Portable Document Format PDF, PostScript PS and Encapsulated PostScript EPS files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents...
EulerOS 2.0 SP2 : ghostscript (EulerOS-SA-2017-1101)
According to the version of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a...
EulerOS 2.0 SP1 : ghostscript (EulerOS-SA-2017-1100)
According to the version of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a...
Amazon Linux AMI : ghostscript (ALAS-2017-837)
It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection. CVE-2017-8291 C...
Artifex Software Ghostscript Heap Buffer Overflow Vulnerability
Artifex Software Ghostscript is an open source PostScript parser from Artifex Software, which displays Postscript files and prints them on non-Postscript printers. A security vulnerability exists in the 'fillthreshholdbuffer' function in the base/gxhtthresh.c file in Artifex Software Ghostscript...
DEBIAN-CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...
CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...
Authentication flaw
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...
CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...
CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...
CVE-2016-7977
Ghostscript before 9.21 could bypass SAFER mode using the .libfile operator in crafted PostScript, allowing reading arbitrary files. This CVE (CVE-2016-7977) affects Ghostscript up to version 9.20/9.21; remediation is to upgrade to Ghostscript 9.21 or newer where fixed. Related entries note simil...