CVSS: 9.3EPSS: 1%CPEs: 14EXPL: 0CVE-2009-0584 – argyllcms: Multiple insufficient upper-bounds checks on certain sizes in the International Color Consortium Format Library
https://notcve.org/view.php?id=CVE-2009-0584
23 Mar 2009 — icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. icc.c, pertenec... • http://bugs.gentoo.org/show_bug.cgi?id=261087 • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 8%CPEs: 88EXPL: 2CVE-2008-0411 – Ghostscript 8.0.1/8.15 - 'zseticcspace()' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-0411
28 Feb 2008 — Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator. Desbordamiento de búfer basado en pila en la función zseticcspace de zicc.c en Ghostscript 8.61 y anteriores permite a atacantes remotos ejecutar código de su elección a través de un archivo postscript (.ps) que contiene un array de Range (rango) largo en un operador .seticcsp... • https://www.exploit-db.com/exploits/31309 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.2EPSS: 0%CPEs: 20EXPL: 0CVE-2004-0967 – temporary file vulnerabilities in various ghostscript scripts.
https://notcve.org/view.php?id=CVE-2004-0967
20 Oct 2004 — The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.19/SCOSA-2006.19.txt • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0363
https://notcve.org/view.php?id=CVE-2002-0363
29 May 2002 — ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-026.0.txt •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1353
https://notcve.org/view.php?id=CVE-2001-1353
18 Sep 2001 — ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled. • http://archives.neohapsis.com/archives/hp/2001-q4/0069.html •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2000-1162
https://notcve.org/view.php?id=CVE-2000-1162
09 Jan 2001 — ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink attack. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000343 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2000-1163
https://notcve.org/view.php?id=CVE-2000-1163
09 Jan 2001 — ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000343 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-1999-0155
https://notcve.org/view.php?id=CVE-1999-0155
31 Aug 1995 — The ghostscript command with the -dSAFER option allows remote attackers to execute commands. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0155 •