9 matches found
CVE-2017-9727
The CVE-2017-9727 issue affects Artifex Ghostscript GhostXPS 9.21. The gx_ttfReader__Read function (base/gxttfb.c) is vulnerable, allowing remote attackers to trigger a denial of service via a crafted document through a heap-based buffer over-read, potentially causing an application crash. Connec...
CVE-2017-9612
CVE-2017-9612 : The vulnerability is in Artifex Ghostscript GhostXPS 9.21. The Ins_IP function in base/ttinterp.c can be triggered by a crafted document to cause a denial of service via a use-after-free, potentially crashing the application and causing a partial impact to integrity/availability a...
CVE-2017-9739
CVE-2017-9739: In Artifex Ghostscript GhostXPS 9.21, the Ins_JMPR function in base/ttinterp.c allows remote attackers to cause a denial of service via a crafted document, due to a heap-based buffer over-read. This is the concrete root cause and impact provided in connected documents; no further d...
CVE-2017-9726
CVE-2017-9726 affects Ghostscript GhostXPS 9.21. The Ins_MDRP function in base/ttinterp.c is vulnerable, allowing remote attackers to trigger a heap-based buffer over-read, causing an application crash and potentially other impact. Exploitation would involve a crafted document; CVSS v3.0 vector: ...
CVE-2017-9618
CVE-2017-9618 affects Artifex Ghostscript GhostXPS 9.21. The vulnerability is in xps_load_sfnt_name (xps/xpsfont.c), where crafted XPS documents can cause a denial of service via a buffer overflow, crashing the application. The description in the connected records confirms the same function and i...
CVE-2017-9610
CVE-2017-9610 affects Artifex Ghostscript GhostXPS 9.21. The vulnerability is in xps_load_sfnt_name (xps/xpsfont.c) and can be triggered by a crafted document, leading to a heap-based buffer over-read that may crash the process or have unspecified impact. No exploit details or patched version are...
CVE-2017-9740
CVE-2017-9740 affects Artifex Ghostscript GhostXPS 9.21. The xps_decode_font_char_imp function in xps/xpsfont.c can be triggered by a crafted document to cause a heap-based buffer over-read, resulting in a denial of service and potentially other impact. This vulnerability is documented across mul...
CVE-2017-9619
CVE-2017-9619 affects Artifex Ghostscript GhostXPS 9.21. The xps_true_callback_glyph_name function in xps/xpsttf.c can be triggered by a crafted file to cause a segmentation fault, resulting in remote denial of service/application crash. The provided documents explicitly state the impact as a DoS...
CVE-2017-9620
CVE-2017-9620 is linked to Artifex Ghostscript GhostXPS 9.21, with the flaw located in xps_select_font_encoding (xps/xpsfont.c) that can cause a heap-based buffer over-read leading to a crash or possible other impact via crafted documents. Connected documents confirm the vulnerability in Ghostscr...