Page 13 of 63 results (0.005 seconds)

CVSS: 9.8EPSS: 10%CPEs: 1EXPL: 0

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser. Ghostscript versiones anteriores a 9.21 podría permitir que los atacantes remotos pasaran por alto el mecanismo de protección del modo SAFER y, en consecuencia, ejecutar código arbitrario mediante el aprovechamiento de la confusión de tipos en .initialize_dsc_parser. It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. • http://git.ghostscript.com/?p=ghostpdl.git%3Bh=875a0095f37626a721c7ff57d606a0f95af03913 http://rhn.redhat.com/errata/RHSA-2017-0013.html http://rhn.redhat.com/errata/RHSA-2017-0014.html http://www.debian.org/security/2016/dsa-3691 http://www.openwall.com/lists/oss-security/2016/10/05/15 http://www.securityfocus.com/bid/95337 https://bugs.ghostscript.com/show_bug.cgi?id=697190 https://security.gentoo.org/glsa/201702-31 https://access.redhat.com/security/cve/CVE-2016-7979 h • CWE-20: Improper Input Validation CWE-704: Incorrect Type Conversion or Cast •

CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0

Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document. Ghostscript anterior a la versión 9.21 podría permitir que los atacantes remotos eludieran el mecanismo de protección del modo SAFER y, en consecuencia, leyeran archivos arbitrarios mediante el uso del operador .libfile en un documento Postscript manipulado. It was found that ghostscript function .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could, in the context of the gs process, retrieve file content on the target machine. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=8abd22010eb4db0fb1b10e430d5f5d83e015ef70 http://rhn.redhat.com/errata/RHSA-2017-0013.html http://rhn.redhat.com/errata/RHSA-2017-0014.html http://www.debian.org/security/2016/dsa-3691 http://www.openwall.com/lists/oss-security/2016/09/29/28 http://www.openwall.com/lists/oss-security/2016/10/05/15 http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/95334 https:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 2%CPEs: 2EXPL: 1

Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as originally reported for debug logging code in gdevcups.c in the CUPS output driver. Desbordamiento de búfer basado en pila en la función errprintf en base/gsmisc.c en ghostscript v8.64 hasta v8.70 permite a atacantes remotos provocar una denegación de servicio (caída) y probablemente ejecutar código de su elección mediante un fichero PDF modificado, como inicialmente se reportó por código de registro de depuración en gdevcups.c en el controlador de salida CUPS. • http://bugs.ghostscript.com/show_bug.cgi?id=690829 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://osvdb.org/61140 http://secunia.com/advisories/37851 http://secunia.com/advisories/40580 http://security.gentoo.org/glsa/glsa-201412-17.xml http://www.mandriva.com/security/advisories?name=MDVSA-2010:134 http://www.mandriva.com/security/advisories?name=MDVSA-2010:135 http://www.openwall.com/lists/oss-security/2009/12/18/1 http://www.openwall • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •