CVE-2009-4897

Ghostscript (GPL Ghostscript) contains CVE-2009-4897: a buffer overflow in gs/psi/iscan.c can be triggered by a crafted PDF with a long name, enabling remote code execution or memory corruption. Affected: Ghostscript 8.64 and earlier. Exploitation via crafted PDFs; memory corruption could lead to...

CVE-2009-3743

Ghostscript prior to 8.71 is affected by an off-by-one error in the Ins_MINDEX function of the TrueType bytecode interpreter, allowing a remote attacker to execute arbitrary code or cause a denial of service via a malformed TrueType font (heap memory corruption). The issue (CVE-2009-3743) is cite...

CVE-2010-2055

Ghostscript before 8.71 is vulnerable to an information/command execution flaw where initialization files are read from the current working directory, enabling local users to run arbitrary PostScript via a Trojan horse file. Affected: Ghostscript 8.71 and earlier. Impact: local code/command execu...

CVE-2010-4054

CVE-2010-4054 affects Ghostscript: the gs_type2_interpret function can be driven to crash via crafted font data in a compressed data stream (bug 691043), enabling a remote denial-of-service. Documented in MiracleLinux advisories and various OpenVAS/Nessus entries; patch/version details are not sp...