Download
| Alert*
oval:org.secpod.oval:def:89002514
This update for ghostscript to version 9.25 fixes the following issues: These security issues were fixed: - CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code - CVE-2018-15909: Prevent type confusion using the ... oval:org.secpod.oval:def:502373 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * It was discovered that the ghostscript /invalidaccess checks fail under certain condition ... oval:org.secpod.oval:def:204890 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: * It was discovered that the ghostscript /invalidaccess checks fail under certain condition ... oval:org.secpod.oval:def:603507 Tavis Ormandy discovered multiple vulnerabilites in Ghostscript, an interpreter for the PostScript language, which could result in denial of service, the creation of files or the execution of arbitrary code if a malformed Postscript file is processed . oval:org.secpod.oval:def:53411 Tavis Ormandy discovered multiple vulnerabilites in Ghostscript, an interpreter for the PostScript language, which could result in denial of service, the creation of files or the execution of arbitrary code if a malformed Postscript file is processed . oval:org.secpod.oval:def:1801173 CVE-2018-10194: The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact ... oval:org.secpod.oval:def:1502343 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1801158 CVE-2018-10194: The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact ... oval:org.secpod.oval:def:47268 The host is installed with Artifex Ghostscript before 9.23 and is prone to a type confusion vulnerability. A flaw is present in the application, which fails to properly handle the LockDistillerParams parameter. Successful exploitation could allow attackers to crash the interpreter or execute code. oval:org.secpod.oval:def:89002267 This update for ghostscript to version 9.25 fixes the following issues: These security issues were fixed: - CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code - CVE-2018-15909: Prevent type confusion using the ... oval:org.secpod.oval:def:89002407 This update for ghostscript-library fixes the following issues: - CVE-2018-16511: A type confusion in quot;ztypequot; could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. - CVE-2018-16540: Attackers able to supply cr ... oval:org.secpod.oval:def:1801162 CVE-2018-10194: The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact ... oval:org.secpod.oval:def:51127 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:1801168 CVE-2018-10194: The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact ... oval:org.secpod.oval:def:89049775 This update for ghostscript to version 9.25 fixes the following issues: These security issues were fixed: - CVE-2018-17183: Remote attackers were be able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code - CVE-2018-15909: Prevent type confusion using the ... oval:org.secpod.oval:def:704319 ghostscript: PostScript and PDF interpreter Several security issues were fixed in Ghostscript. oval:org.secpod.oval:def:1700083 It was discovered that the ghostscript .shfill operator did not properly validate certain types. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript document. ... |