CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7207 – ghostscript: NULL pointer dereference in mem_get_bits_rectangle()
https://notcve.org/view.php?id=CVE-2017-7207
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document. La función mem_get_bits_rectangle en Artifex Software, Inc. Ghostscript 9.20 permite a atacantes remotos provocar una denegación de servicio ( referencia puntero NULL) a través de un documento PostScript manipulado. A NULL pointer dereference flaw was found in ghostscript's mem_get_bits_rectangle function. • http://www.debian.org/security/2017/dsa-3838 http://www.ghostscript.com/cgi-bin/findgit.cgi?309eca4e0a31ea70dcc844812691439312dad091 http://www.securityfocus.com/bid/96995 http://www.securitytracker.com/id/1039071 https://access.redhat.com/errata/RHSA-2017:2180 https://bugs.ghostscript.com/show_bug.cgi?id=697676 https://security.gentoo.org/glsa/201708-06 https://access.redhat.com/security/cve/CVE-2017-7207 https://bugzilla.redhat.com/show_bug.cgi?id=1434353 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 3%CPEs: 2EXPL: 0CVE-2016-7976
https://notcve.org/view.php?id=CVE-2016-7976
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams. PS Interpreter en Ghostscript 9.18 y 9.20 permite que atacantes remotos ejecuten código arbitrario mediante parámetros de usuario manipulados. • http://git.ghostscript.com/?p=user/chrisl/ghostpdl.git%3Ba=commit%3Bh=6d444c273da5499a4cd72f21cb6d4c9a5256807d http://www.debian.org/security/2016/dsa-3691 http://www.openwall.com/lists/oss-security/2016/10/19/6 http://www.securityfocus.com/bid/95332 https://bugs.ghostscript.com/show_bug.cgi?id=697178 https://security.gentoo.org/glsa/201702-31 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 8%CPEs: 1EXPL: 0CVE-2016-7978 – ghostscript: reference leak in .setdevice allows use-after-free and remote code execution
https://notcve.org/view.php?id=CVE-2016-7978
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice. Vulnerabilidad de uso después de la liberación de Ghostscript 9.20 podría permitir a atacantes remotos ejecutar código arbitrario a través de vectores relacionados con una fuga de referencia en .setdevice. It was found that the ghostscript function .setdevice suffered a use-after-free vulnerability due to an incorrect reference count. A specially crafted postscript document could trigger code execution in the context of the gs process. • http://rhn.redhat.com/errata/RHSA-2017-0013.html http://www.debian.org/security/2016/dsa-3691 http://www.openwall.com/lists/oss-security/2016/10/05/15 http://www.securityfocus.com/bid/95336 https://bugs.ghostscript.com/show_bug.cgi?id=697179 https://security.gentoo.org/glsa/201702-31 https://access.redhat.com/security/cve/CVE-2016-7978 https://bugzilla.redhat.com/show_bug.cgi?id=1382300 • CWE-416: Use After Free •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7977 – ghostscript: .libfile does not honor -dSAFER
https://notcve.org/view.php?id=CVE-2016-7977
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document. Ghostscript anterior a la versión 9.21 podría permitir que los atacantes remotos eludieran el mecanismo de protección del modo SAFER y, en consecuencia, leyeran archivos arbitrarios mediante el uso del operador .libfile en un documento Postscript manipulado. It was found that ghostscript function .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could, in the context of the gs process, retrieve file content on the target machine. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=8abd22010eb4db0fb1b10e430d5f5d83e015ef70 http://rhn.redhat.com/errata/RHSA-2017-0013.html http://rhn.redhat.com/errata/RHSA-2017-0014.html http://www.debian.org/security/2016/dsa-3691 http://www.openwall.com/lists/oss-security/2016/09/29/28 http://www.openwall.com/lists/oss-security/2016/10/05/15 http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/95334 https:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 10%CPEs: 1EXPL: 0CVE-2016-7979 – ghostscript: Type confusion in .initialize_dsc_parser allows remote code execution
https://notcve.org/view.php?id=CVE-2016-7979
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser. Ghostscript versiones anteriores a 9.21 podría permitir que los atacantes remotos pasaran por alto el mecanismo de protección del modo SAFER y, en consecuencia, ejecutar código arbitrario mediante el aprovechamiento de la confusión de tipos en .initialize_dsc_parser. It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. • http://git.ghostscript.com/?p=ghostpdl.git%3Bh=875a0095f37626a721c7ff57d606a0f95af03913 http://rhn.redhat.com/errata/RHSA-2017-0013.html http://rhn.redhat.com/errata/RHSA-2017-0014.html http://www.debian.org/security/2016/dsa-3691 http://www.openwall.com/lists/oss-security/2016/10/05/15 http://www.securityfocus.com/bid/95337 https://bugs.ghostscript.com/show_bug.cgi?id=697190 https://security.gentoo.org/glsa/201702-31 https://access.redhat.com/security/cve/CVE-2016-7979 h • CWE-20: Improper Input Validation CWE-704: Incorrect Type Conversion or Cast •