Total
103 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-16539 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. | |||||
CVE-2018-16543 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact. | |||||
CVE-2018-16802 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509. | |||||
CVE-2018-16540 | 4 Artifex, Canonical, Debian and 1 more | 11 Ghostscript, Ubuntu Linux, Debian Linux and 8 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. | |||||
CVE-2018-10194 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. | |||||
CVE-2018-11645 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977. | |||||
CVE-2017-9611 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
CVE-2016-7976 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams. | |||||
CVE-2017-9835 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c. | |||||
CVE-2017-11714 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c. | |||||
CVE-2017-5951 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | |||||
CVE-2017-7207 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document. | |||||
CVE-2016-10217 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in the color management module. | |||||
CVE-2016-8602 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack. | |||||
CVE-2016-10218 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | |||||
CVE-2017-7948 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a crafted PostScript document. | |||||
CVE-2016-10220 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module. | |||||
CVE-2016-7979 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser. | |||||
CVE-2016-7977 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document. | |||||
CVE-2016-10317 | 1 Artifex | 1 Ghostscript | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. |