Filtered by vendor Artifex
Subscribe
Total
224 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-7977 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document. | |||||
CVE-2016-10317 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. | |||||
CVE-2017-8908 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document. | |||||
CVE-2017-5628 | 1 Artifex | 1 Mujs | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JS file. | |||||
CVE-2017-7975 | 1 Artifex | 1 Jbig2dec | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code. | |||||
CVE-2016-10219 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file. | |||||
CVE-2016-7978 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice. | |||||
CVE-2015-3228 | 1 Artifex | 1 Afpl Ghostscript | 2024-02-28 | 6.8 MEDIUM | N/A |
Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write. | |||||
CVE-2016-6525 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array. | |||||
CVE-2016-9136 | 1 Artifex | 1 Mujs | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Artifex Software, Inc. MuJS before a0ceaf5050faf419401fe1b83acfa950ec8a8a89 allows context-dependent attackers to obtain sensitive information by using the "crafted JavaScript" approach, related to a "Buffer Over-read" issue. | |||||
CVE-2016-7506 | 1 Artifex | 1 Mujs | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An out-of-bounds read vulnerability was observed in Sp_replace_regexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition. | |||||
CVE-2016-7504 | 1 Artifex | 1 Mujs | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A use-after-free vulnerability was observed in Rp_toString function of Artifex Software, Inc. MuJS before 5c337af4b3df80cf967e4f9f6a21522de84b392a. A successful exploitation of this issue can lead to code execution or denial of service condition. | |||||
CVE-2016-9017 | 1 Artifex | 1 Mujs | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC_dumpfunction function in the jsdump.c component. | |||||
CVE-2016-6265 | 2 Artifex, Opensuse | 3 Mupdf, Leap, Opensuse | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file. | |||||
CVE-2016-7505 | 1 Artifex | 1 Mujs | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. MuJS before 8c805b4eb19cf2af689c860b77e6111d2ee439d5. A successful exploitation of this issue can lead to code execution or denial of service condition. | |||||
CVE-2014-2013 | 1 Artifex | 1 Mupdf | 2024-02-28 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the xps_parse_color function in xps/xps-common.c in MuPDF 1.3 and earlier allows remote attackers to execute arbitrary code via a large number of entries in the ContextColor value of the Fill attribute in a Path element. | |||||
CVE-2013-6629 | 9 Artifex, Canonical, Debian and 6 more | 12 Gpl Ghostscript, Ubuntu Linux, Debian Linux and 9 more | 2024-02-28 | 5.0 MEDIUM | N/A |
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | |||||
CVE-2010-4054 | 1 Artifex | 3 Afpl Ghostscript, Ghostscript Fonts, Gpl Ghostscript | 2024-02-28 | 4.3 MEDIUM | N/A |
The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043. | |||||
CVE-2010-1628 | 1 Artifex | 1 Gpl Ghostscript | 2024-02-28 | 9.3 HIGH | N/A |
Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter. | |||||
CVE-2011-0341 | 2 Artifex, Mozilla | 2 Mupdf, Firefox | 2024-02-28 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site. |