Page 13 of 91 results (0.004 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977. psi/zfile.c en Artifex Ghostscript en versiones anteriores a la 9.21rc1 permite el comando status incluso si se emplea -dSAFER, lo que podría permitir que atacantes remotos determinen la existencia y tamaño de archivos arbitrarios. Este problema es similar a CVE-2016-7977. Ghostscript did not honor the -dSAFER option when executing the "status" instruction, which can be used to retrieve information such as a file's existence and size. A specially crafted postscript document could use this flow to gain information on the targeted system's filesystem content. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=b60d50b7567369ad856cebe1efb6cd7dd2284219 https://access.redhat.com/errata/RHSA-2019:2281 https://bugs.ghostscript.com/show_bug.cgi?id=697193 https://lists.debian.org/debian-lts-announce/2018/09/msg00015.html https://usn.ubuntu.com/3768-1 https://www.debian.org/security/2018/dsa-4336 https://access.redhat.com/security/cve/CVE-2018-11645 https://bugzilla.redhat.com/show_bug.cgi?id=1585914 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 2%CPEs: 13EXPL: 0

The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. La función set_text_distance en devices/vector/gdevpdts.c en el componente pdfwrite en Artifex Ghostscript, hasta la versión 9.22, no evita los desbordamientos en el cálculo de posicionamiento de texto. Esto permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) u otro tipo de impacto sin especificar mediante un documento PDF manipulado. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=39b1e54b2968620723bf32e96764c88797714879 http://www.securitytracker.com/id/1040729 https://access.redhat.com/errata/RHSA-2018:2918 https://bugs.ghostscript.com/show_bug.cgi?id=699255 https://lists.debian.org/debian-lts-announce/2018/04/msg00028.html https://security.gentoo.org/glsa/201811-12 https://usn.ubuntu.com/3636-1 https://access.redhat.com/security/cve/CVE-2018-10194 https://bugzilla.redhat.com/show_bug.cgi?id=1569108 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 52%CPEs: 20EXPL: 2

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. Artifex Ghostscript permite sobrepasar -dSAFER y la ejecución de comandos remotos a través de una vulnerabilidad de type confusion en .rsdparams con una subcadena "/ OutputFile (% pipe%" en un documento .eps que se utilice como entrada al gs. It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection. Artifex Ghostscript allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile. • https://www.exploit-db.com/exploits/41955 http://openwall.com/lists/oss-security/2017/04/28/2 http://www.debian.org/security/2017/dsa-3838 http://www.securityfocus.com/bid/98476 https://access.redhat.com/errata/RHSA-2017:1230 https://bugs.ghostscript.com/show_bug.cgi?id=697808 https://bugzilla.redhat.com/show_bug.cgi?id=1446063 https://bugzilla.suse.com/show_bug.cgi?id=1036453 https://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=04b37bbce174eed24edec7ad5b920eb93db4d47d • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. La función fill_threshhold_buffer en base/gxht_thresh.c en Artifex Software, Inc. Ghostscript 9.20 permite a atacantes remotos provocar una denegación de servicio (desbordamiento de búfer basado en memoria dinámica y caída de la aplicación) o posiblemente tener otro impacto no especificado a través de un documento PostScript manipulado. • http://www.securityfocus.com/bid/97410 https://bugs.ghostscript.com/show_bug.cgi?id=697459 https://usn.ubuntu.com/3636-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file. La función intersect en base/gxfill.c en Artifex Software, Inc. Ghostscript 9.20 permite a atacantes remotos provocar una denegación de servicio (error de división por cero y caída de la aplicación) a través de un archivo manipulado. • http://www.debian.org/security/2017/dsa-3838 http://www.ghostscript.com/cgi-bin/findgit.cgi?4bef1a1d32e29b68855616020dbff574b9cda08f https://bugs.ghostscript.com/show_bug.cgi?id=697453 https://security.gentoo.org/glsa/201708-06 • CWE-369: Divide By Zero •