Ghostscript@9.20 Security Vulnerabilities and Issues — Ghostscript@9.20 CVE List

Lucene search

ArtifexGhostscript9.20

9 matches found

CVE•added 2017/03/21 6:59 a.m.•191 views

CVE-2017-7207

The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.

5.5CVSS5.6AI score0.00524EPSS

CVE•added 2017/08/07 8:29 p.m.•142 views

CVE-2016-7976

The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.

8.8CVSS8.2AI score0.6807EPSS

CVE•added 2017/05/23 4:29 a.m.•139 views

CVE-2016-7978

Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.

9.8CVSS9.3AI score0.02959EPSS

CVE•added 2017/04/03 5:59 a.m.•120 views

CVE-2016-10217

The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in the color management module.

5.5CVSS5.8AI score0.00471EPSS

CVE•added 2017/04/03 5:59 a.m.•120 views

CVE-2017-5951

The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

5.5CVSS5.8AI score0.00531EPSS

CVE•added 2017/04/03 8:59 p.m.•100 views

CVE-2016-10317

The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document.

7.8CVSS6.8AI score0.00363EPSS

CVE•added 2017/04/03 5:59 a.m.•86 views

CVE-2016-10219

The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.

5.5CVSS5.8AI score0.00935EPSS

CVE•added 2017/04/03 5:59 a.m.•78 views

CVE-2016-10220

The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module.

5.5CVSS5.8AI score0.00935EPSS

CVE•added 2017/04/03 5:59 a.m.•55 views

CVE-2016-10218

The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

5.5CVSS5.8AI score0.00374EPSS