Gpl Ghostscript@8.70 Security Vulnerabilities and Issues — Gpl Ghostscript@8.70 CVE List

Lucene search

ArtifexGpl Ghostscript8.70

5 matches found

CVE•added 2010/07/22 5:40 a.m.•104 views

CVE-2009-4897

Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name.

9.3CVSS7.8AI score0.10673EPSS

CVE•added 2010/05/19 10:30 p.m.•66 views

CVE-2010-1628

Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter.

9.3CVSS7.4AI score0.06794EPSS

CVE•added 2010/05/12 11:46 a.m.•66 views

CVE-2010-1869

Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent attackers to execute arbitrary code via a crafted PostScript file.

9.3CVSS7.6AI score0.26015EPSS

CVE•added 2010/07/22 5:43 a.m.•54 views

CVE-2010-2055

Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using gs_init.ps, a different vuln...

7.2CVSS6.9AI score0.00111EPSS

CVE•added 2010/10/23 8:39 p.m.•51 views

CVE-2010-4054

The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043.

4.3CVSS6.2AI score0.00866EPSS