Download
| Alert*
oval:org.secpod.oval:def:89044462
This update for ghostscript fixes the following security vulnerabilities: CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misused to cause a Deni ... oval:org.secpod.oval:def:40655 The host is installed with Artifex Ghostscript 9.21 or before and is prone to a remote command execution vulnerability. A flaw is present in the application, which fails to properly handle input to the gs program. Successful exploitation could allow attackers to execute command remotely. oval:org.secpod.oval:def:89044974 This update for ghostscript fixes the following security vulnerability: CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild oval:org.secpod.oval:def:204497 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * It was found that ghostscript did not properly validate the parameters passed to the .rsd ... oval:org.secpod.oval:def:89044966 This update for ghostscript fixes the following security vulnerabilities: - CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. - CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misused to cause a ... oval:org.secpod.oval:def:2102404 Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. oval:org.secpod.oval:def:89044690 This update for ghostscript fixes the following security vulnerability: CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. This update is a reissue including the SUSE Linux Enterprise 11 SP3 product. oval:org.secpod.oval:def:204499 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * It was found that ghostscript did not properly validate the parameters passed to the .rsd ... oval:org.secpod.oval:def:1501859 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:703581 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:1501858 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:602863 Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may lead to the execution of arbitrary code or denial of service if a specially crafted Postscript file is processed. oval:org.secpod.oval:def:502033 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * It was found that ghostscript did not properly validate the parameters passed to the .rsd ... oval:org.secpod.oval:def:1600705 It was found that ghostscript did not properly validate the parameters passedto the .rsdparams and .eqproc functions. During its execution, a speciallycrafted PostScript document could execute code in the context of the ghostscriptprocess, bypassing the -dSAFER protection oval:org.secpod.oval:def:51779 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:1800426 CVE-2016-10217: The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service via a crafted file that is mishandled in the color management module. oval:org.secpod.oval:def:112340 Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures and an interpreter for Portable Document Format files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally u ... oval:org.secpod.oval:def:112370 Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures and an interpreter for Portable Document Format files. Ghostscript translates PostScript code into many common, bitmapped formats, like those understood by your printer or screen. Ghostscript is normally ... |