2744 matches found
DLA-674-1 ghostscript - security update
Bulletin has no description...
CVE-2016-7979
It was found that the ghostscript function .initializedscparser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process...
CVE-2016-7978
It was found that the ghostscript function .setdevice suffered a use-after-free vulnerability due to an incorrect reference count. A specially crafted postscript document could trigger code execution in the context of the gs process...
Security update for ghostscript-library (important)
This update for ghostscript-library fixes the following issues: - Multiple security vulnerabilities have been discovered where ghostscript's "-dsafer" flag did not provide sufficient protection against unintended access to the file system. Thus, a machine that would process a specially crafted...
[SECURITY] Fedora 23 Update: ghostscript-9.20-2.fc23
Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...
[SECURITY] Fedora 24 Update: ghostscript-9.20-2.fc24
Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...
[SECURITY] Fedora 25 Update: ghostscript-9.20-2.fc25
Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics capabilities in the PostScript language and an interpreter for Portable Document Format PDF files. Ghostscript translates PostScript code into many...
CVE-2016-8602
It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process...
Debian DSA-3691-1 : ghostscript - security update
Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or information disclosure if a specially crafted Postscript file is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...
[SECURITY] [DSA 3691-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3691-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 12, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3691-1] ghostscript security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3691-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 12, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3691-1 (ghostscript - security update)
Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or information disclosure if a specially crafted Postscript file is processed. OpenVAS Vulnerability Test $Id: deb3691.nasl 6959 2017-08-18 07:24:59Z astei...
SUSE SLED12 / SLES12 Security Update : ghostscript-library (SUSE-SU-2016:2492-1)
This update for ghostscript-library fixes the following issues : - Multiple security vulnerabilities have been discovered where ghostscript's '-dsafer' flag did not provide sufficient protection against unintended access to the file system. Thus, a machine that would process a specially crafted...
UBUNTU-CVE-2016-8602
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack...
CVE-2016-8602
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack...
DSA-3691-1 ghostscript - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3691-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-7977
It was found that ghostscript function .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could, in the context of the gs process, retrieve file content on the target machine...
CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...
UBUNTU-CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document...