CVE-2006-1136

Buffer overflow in the PostScript file interpreter code for Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows attackers to cause a denial of service via unknown vectors...

Multiple Xerox CopyCentre / Xerox WorkCentre Pro security vulnerabilities

Buffer overflow and DoS on PostScript parsing, memory corruption in built-in Web server...

[SA19146] Xerox CopyCentre / WorkCentre Pro Multiple Denial of Service Vulnerabilities

TITLE: Xerox CopyCentre / WorkCentre Pro Multiple Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA19146 VERIFY ADVISORY: http://secunia.com/advisories/19146/ CRITICAL: Moderately critical IMPACT: Unknown, DoS WHERE: From remote OPERATING SYSTEM: Xerox CopyCentre...

DSA-981-1 bmv - integer overflow

Bulletin has no description...

CVE-2006-0826

Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to cause a denial of service via a crafted Postscript request...

Server side request forgery (ssrf)

Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to cause a denial of service via a crafted Postscript request...

CVE-2006-0826

Unspecified vulnerability in ESS/ Network Controller and MicroServer Web Server in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 allows remote attackers to cause a denial of service via a crafted Postscript request...

[SECURITY] [DSA 945-1] New antiword packages fix insecure temporary file creation

-------------------------------------------------------------------------- Debian Security Advisory DSA 945-1 [email protected] http://www.debian.org/security/ Martin Schulze January 17th, 2006 http://www.debian.org/security/faq -...

AntiWord symbolic links problem

Word to Postscript document convertation insecure temporary file creation...

Ubuntu 4.10 / 5.04 : netpbm-free vulnerability (USN-164-1)

Max Vozeler discovered that the the 'pstopnm' conversion tool did not use the -dSAFER option when calling ghostscript. This option prohibits file operations and calling commands within PostScript code. This flaw could be exploited by an attacker to execute arbitrary code if he tricked an user or ...

USN-223-1: Inkscape vulnerability

Javier Fernández-Sanguino Peña discovered that Inkscape's ps2epsi.sh script, which converts PostScript files to Encapsulated PostScript format, creates a temporary file in an insecure way. A local attacker could exploit this with a symlink attack to create or overwrite arbitrary files with the...

CVE-2005-3278

Integer overflow in the openpsfile function in gsinterf.c for Jan Kybic BitMap Viewer BMV 1.2 allows local users to execute arbitrary code via a PostScript PS file containing a large number of pages value, which leads to a resultant buffer overflow...

CVE-2005-3278

Integer overflow in the openpsfile function in gsinterf.c for Jan Kybic BitMap Viewer BMV 1.2 allows local users to execute arbitrary code via a PostScript PS file containing a large number of pages value, which leads to a resultant buffer overflow...

bmv integer overflow

Integer overflow on PostScript PS files processing...

Mandrake Linux Security Advisory : netpbm (MDKSA-2005:133)

Max Vozeler discovered that pstopnm, a part of the netpbm graphics utility suite, would call the GhostScript interpreter on untrusted PostScript files without using the -dSAFER option when converting a PostScript file into a PBM, PGM, or PNM file. This could result in the execution of arbitrary...

RHEL 3 : ghostscript (RHSA-2005:081)

Updated ghostscript packages that fix a PDF output issue and a temporary file security bug are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Ghostscript is a program for displaying PostScript files or printing them to non-PostScript...

Debian DSA-792-1 : pstotext - missing input sanitising

Max Vozeler discovered that pstotext, a utility to extract text from PostScript and PDF files, did not execute ghostscript with the -dSAFER argument, which prevents potential malicious operations to happen. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package chec...

netpbm security update

CentOS Errata and Security Advisory CESA-2005:743-01 Updated netpbm packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The netpbm package contains a library of functions that support programs for...

X11, netpbm, vim security update

CentOS Errata and Security Advisory CESA-2005:745 Updated netpbm packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The netpbm package contains a library of functions that support programs for...

netpbm security update

CentOS Errata and Security Advisory CESA-2005:743 Updated netpbm packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The netpbm package contains a library of functions that support programs for...