Vulnerabilities (CVE)

Filtered by vendor Artifex Subscribe
Total 224 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-14945 2 Artifex, Microsoft 2 Gsview, Windows 2024-02-28 6.8 MEDIUM 7.8 HIGH
Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Possible Stack Corruption starting at KERNELBASE!RaiseException+0x0000000000000068."
CVE-2017-17866 2 Artifex, Debian 2 Mupdf, Debian Linux 2024-02-28 6.8 MEDIUM 7.8 HIGH
pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document.
CVE-2017-14947 2 Artifex, Microsoft 2 Gsview, Windows 2024-02-28 6.8 MEDIUM 7.8 HIGH
Artifex GSView 6.0 Beta on Windows allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at mupdfnet64!mIncrementalSaveFile+0x0000000000193359."
CVE-2017-9726 2 Artifex, Debian 2 Ghostscript Ghostxps, Debian Linux 2024-02-28 6.8 MEDIUM 7.8 HIGH
The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
CVE-2017-14685 2 Artifex, Microsoft 2 Mupdf, Windows 2024-02-28 6.8 MEDIUM 7.8 HIGH
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xps_load_links_in_glyphs in xps/xps-link.c does not verify that an xps font could be loaded.
CVE-2016-7976 1 Artifex 1 Ghostscript 2024-02-28 6.8 MEDIUM 8.8 HIGH
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
CVE-2017-14687 2 Artifex, Microsoft 2 Mupdf, Windows 2024-02-28 6.8 MEDIUM 7.8 HIGH
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of mishandling of XML tag name comparisons.
CVE-2017-14946 2 Artifex, Microsoft 2 Gsview, Windows 2024-02-28 6.8 MEDIUM 7.8 HIGH
Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at mupdfnet64!mIncrementalSaveFile+0x000000000000344e."
CVE-2017-9835 2 Artifex, Debian 2 Ghostscript, Debian Linux 2024-02-28 6.8 MEDIUM 7.8 HIGH
The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c.
CVE-2017-9740 1 Artifex 1 Ghostscript Ghostxps 2024-02-28 6.8 MEDIUM 7.8 HIGH
The xps_decode_font_char_imp function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
CVE-2017-9620 1 Artifex 1 Ghostscript Ghostxps 2024-02-28 6.8 MEDIUM 7.8 HIGH
The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document, related to the xps_encode_font_char_imp function.
CVE-2017-11714 2 Artifex, Debian 2 Ghostscript, Debian Linux 2024-02-28 6.8 MEDIUM 7.8 HIGH
psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c.
CVE-2017-9612 2 Artifex, Debian 2 Ghostscript Ghostxps, Debian Linux 2024-02-28 6.8 MEDIUM 7.8 HIGH
The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document.
CVE-2017-9618 1 Artifex 1 Ghostscript Ghostxps 2024-02-28 6.8 MEDIUM 7.8 HIGH
The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted document.
CVE-2017-9727 2 Artifex, Debian 2 Ghostscript Ghostxps, Debian Linux 2024-02-28 6.8 MEDIUM 7.8 HIGH
The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
CVE-2017-9619 1 Artifex 1 Ghostscript Ghostxps 2024-02-28 6.8 MEDIUM 7.8 HIGH
The xps_true_callback_glyph_name function in xps/xpsttf.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (Segmentation Violation and application crash) via a crafted file.
CVE-2017-5896 1 Artifex 1 Mupdf 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image.
CVE-2017-7976 1 Artifex 1 Jbig2dec 2024-02-28 5.8 MEDIUM 7.1 HIGH
Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information from process memory.
CVE-2017-7885 1 Artifex 1 Jbig2dec 2024-02-28 5.8 MEDIUM 7.1 HIGH
Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file.
CVE-2017-5951 1 Artifex 1 Ghostscript 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.