K72372334: FreeType vulnerability CVE-2014-9745

Security Advisory Description The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a "broken number-with-base" in a Postscript stream, as demonstrated by 8garbage. CVE-2014-9745 Impact A remote attacker may be...

K02495251: Ghostscript vulnerability CVE-2018-16509 (VU#332928)

Security Advisory Description An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction...

K9990: icclib vulnerabilities CVE-2009-0583 and CVE-2009-0584

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to SOL4602: Overview of F5...

K46641512: FreeType vulnerability CVE-2015-9382

Security Advisory Description FreeType before 2.6.1 has a buffer over-read in skipcomment in psaux/psobjs.c because psparserskipPStoken is mishandled in an FTNewMemoryFace operation. CVE-2015-9382 Impact An attacker may be able to use a maliciously crafted file to create a buffer overflow and...

K24803507: Ghostscript vulnerability CVE-2018-15909

Security Advisory Description In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code. CVE-2018-15909 Impact There is no impact; F5 products a...

K15958: Ghostscript BaseFont vulnerability CVE-2008-6679

Security Advisory Description Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service ps2pdf crash and possibly execute arbitrary code via a crafted Postscript file. CVE-2008-6679 Impact None. No F5...

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability (CNVD-2023-35226)

Microsoft PostScript Printer Driver is a Microsoft standard printer driver for PostScript printers from Microsoft.Microsoft PCL6 Class Printer Driver is a printer driver from Microsoft. Microsoft PCL6 Class Printer Driver is a printer driver software from Microsoft. An information disclosure...

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability (CNVD-2023-35225)

Microsoft PostScript Printer Driver is a Microsoft standard printer driver for PostScript printers from Microsoft.Microsoft PCL6 Class Printer Driver is a printer driver from Microsoft. Microsoft PCL6 Class Printer Driver is a printer driver software from Microsoft. A remote code execution...

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability (CNVD-2023-35224)

Microsoft PostScript Printer Driver is a Microsoft standard printer driver for PostScript printers from Microsoft.Microsoft PCL6 Class Printer Driver is a printer driver from Microsoft. Microsoft PCL6 Class Printer Driver is a printer driver software from Microsoft. A remote code execution...

SUSE CVE-2005-2471

pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a 1 PBM, 2 PGM, or 3 PNM file, which allows external user-assisted attackers to execute arbitrary commands...

SUSE CVE-2006-3119

The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...

SUSE CVE-2006-5864

Stack-based buffer overflow in the psgettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript PS file with certain headers that contain long comments, as demonstrated using the 1 DocumentMedia, 2...

SUSE CVE-2008-0053

Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file...

SUSE CVE-2008-1374

Integer overflow in pdftops filter in CUPS in Red Hat Enterprise Linux 3 and 4, when running on 64-bit platforms, allows remote attackers to execute arbitrary code via a crafted PDF file. NOTE: this issue is due to an incomplete fix for CVE-2004-0888...

SUSE CVE-2008-3640

Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow...

SUSE CVE-2008-6679

Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service ps2pdf crash and possibly execute arbitrary code via a crafted Postscript file...

SUSE CVE-2009-0583

Multiple integer overflows in icc.c in the International Color Consortium ICC Format library aka icclib, as used in Ghostscript 8.64 and earlier and Argyll Color Management System CMS 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service heap-based buffer overflow and...

SUSE CVE-2009-0792

Multiple integer overflows in icc.c in the International Color Consortium ICC Format library aka icclib, as used in Ghostscript 8.64 and earlier and Argyll Color Management System CMS 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service heap-based buffer overflow and...

SUSE CVE-2010-1628

Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter...

SUSE CVE-2010-1869

Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent attackers to execute arbitrary code via a crafted PostScript file...