UBUNTU-CVE-2015-3228

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

ghostscript -- denial of service (crash) via crafted Postscript files

MITRE reports: Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or wri...

t1utils Buffer Overflow Vulnerability

t1utils is a library for manipulating PostScript Type 1 fonts. A buffer overflow vulnerability exists in t1utils that could be exploited by an attacker to execute arbitrary code or conduct a denial of service attack...

[SECURITY] Fedora 20 Update: t1utils-1.39-1.fc20

t1utils is a collection of programs for manipulating PostScript type 1 and type 2 fonts containing programs to convert between PFA ASCII format, PFB binary format, a human-readable and editable ASCII format, and Macintosh resource forks...

[SECURITY] Fedora 21 Update: t1utils-1.39-1.fc21

t1utils is a collection of programs for manipulating PostScript type 1 and type 2 fonts containing programs to convert between PFA ASCII format, PFB binary format, a human-readable and editable ASCII format, and Macintosh resource forks...

[SECURITY] Fedora 22 Update: t1utils-1.39-1.fc22

t1utils is a collection of programs for manipulating PostScript type 1 and type 2 fonts containing programs to convert between PFA ASCII format, PFB binary format, a human-readable and editable ASCII format, and Macintosh resource forks...

USN-2483-2: Ghostscript vulnerabilities

USN-2483-1 fixed vulnerabilities in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. Original advisory details: Jose Duart discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked...

UBUNTU-CVE-2014-9812

ImageMagick allows remote attackers to cause a denial of service NULL pointer dereference via a crafted ps file...

GLSA-201412-17 : GPL Ghostscript: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201412-17 GPL Ghostscript: Multiple vulnerabilities Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could enti...

[SECURITY] Fedora 19 Update: antiword-0.37-17.fc19

Antiword is a free MS-Word reader for Linux, BeOS and RISC OS. It converts the documents from Word 6, 7, 97 and 2000 to ASCII and Postscript. Antiword tries to keep the layout of the document intact...

GPL Ghostscript: Multiple vulnerabilities

Background Ghostscript is an interpreter for the PostScript language and for PDF. Description Multiple vulnerabilities have been discovered in GPL Ghostscript. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker could entice a user to open a special...

[SECURITY] Fedora 21 Update: antiword-0.37-17.fc21

Antiword is a free MS-Word reader for Linux, BeOS and RISC OS. It converts the documents from Word 6, 7, 97 and 2000 to ASCII and Postscript. Antiword tries to keep the layout of the document intact...

CVE-2010-4820

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055...

DEBIAN-CVE-2010-4820

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055...

Design/Logic Flaw

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055...

CVE-2010-4820

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055...

CVE-2010-4820

CVE-2010-4820 is an untrusted search path vulnerability in Ghostscript affecting the Ghostscript 8.x family. The issue arises because Ghostscript reads initialization files from the current working directory, allowing a local attacker to execute arbitrary PostScript commands by placing a Trojan h...

CVE-2010-4820

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055...

F5 Networks BIG-IP : icclib vulnerabilities (SOL9990)

Multiple integer overflow flaws which could lead to heap-based buffer overflows, as well as multiple insufficient input validation flaws, were found in Ghostscript's International Color Consortium Format library icclib. Using specially crafted ICC profiles, an attacker could create a malicious...

GNU a2ps "Anything to PostScript" Local Exploit (not suid)

No description provided by source. / Not added to Local Non Poc section /str0ke / include stdio.h include stdlib.h include errno.h // by lizard / lizstyleatgmail.com // greets go to slider/trog for helpin me // not suid by default ; define VULNTHING /usr/bin/a2ps define DEFRET 0xbffffffa - strlen...