CVSS: 10.0EPSS: 31%CPEs: 3EXPL: 1CVE-2023-28879 – ghostscript: buffer overflow in base/sbcp.c leading to data corruption
https://notcve.org/view.php?id=CVE-2023-28879
31 Mar 2023 — In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written. En Artifex Ghostscript hasta la versión 10.01.0, hay un desbordamiento de búfer que puede corromper los datos internos del intérprete PostScript, en base/s... • http://www.openwall.com/lists/oss-security/2023/04/12/4 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 1CVE-2020-27792 – Ghostscript: heap buffer over write vulnerability in ghostscript's lp8000_print_page() in gdevlp8k.c
https://notcve.org/view.php?id=CVE-2020-27792
19 Aug 2022 — A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service. Se encontró una vulnerabilidad de escritura excesiva en el búfer en la región heap de la memoria en la función lp8000_print_page() de GhostScript en el archivo gdevlp8k.c. Un atacante podría engañar a un usuario p... • https://access.redhat.com/security/cve/CVE-2020-27792 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25059 – Ubuntu Security Notice USN-5396-2
https://notcve.org/view.php?id=CVE-2019-25059
25 Apr 2022 — Artifex Ghostscript through 9.26 mishandles .completefont. NOTE: this issue exists because of an incomplete fix for CVE-2019-3839. Artifex Ghostscript versiones hasta 9.26 maneja inapropiadamente .completefont. NOTA: este problema se presenta debido a una corrección incompleta de CVE-2019-3839 USN-5396-1 addressed a vulnerability in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=430e219ea17a2650577d70021399c4ead05869e0 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-45944 – Ubuntu Security Notice USN-5224-1
https://notcve.org/view.php?id=CVE-2021-45944
31 Dec 2021 — Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp). Ghostscript GhostPDL versiones 9.50 hasta 9.53.3, presenta un uso de memoria previamente liberada en la función sampled_data_sample (llamado desde sampled_data_continue e interp). USN-5224-1 fixed several vulnerabilities in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Ghostscript incorrectly handled certain PostScript ... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29903 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-45949 – Debian Security Advisory 5038-1
https://notcve.org/view.php?id=CVE-2021-45949
31 Dec 2021 — Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp). Ghostscript GhostPDL versiones 9.50 a 9.54.0, presenta un desbordamiento de búfer en la región heap de la memoria en la función sampled_data_finish (llamado desde sampled_data_continue e interp). Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbit... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34675 • CWE-787: Out-of-bounds Write •
CVSS: 9.9EPSS: 12%CPEs: 5EXPL: 0CVE-2021-3781 – Debian Security Advisory 4972-1
https://notcve.org/view.php?id=CVE-2021-3781
12 Sep 2021 — A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se ha encontrado un fallo de escape trivial del sandbox (habilitado con la opción "-dSAFER") en el intérprete de... • https://bugzilla.redhat.com/show_bug.cgi?id=2002271 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-14373 – ghostscript: use-after-free vulnerability in igc_reloc_struct_ptr() could result in DoS
https://notcve.org/view.php?id=CVE-2020-14373
03 Sep 2020 — A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service. Se encontró un uso de la memoria previamente liberada en la función igc_reloc_struct_ptr() del archivo psi/igc.c de ghostscript-9.25. Un atacante local podría suministrar un archivo PDF especialmente diseñado para causar una denegación de servicio A use-after-free flaw was found in igc_reloc_struct_ptr() of psi/igc.c of Ghostscri... • https://bugs.ghostscript.com/show_bug.cgi?id=702851 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 1%CPEs: 6EXPL: 1CVE-2020-17538 – ghostscript: buffer overflow in GetNumSameData() in contrib/lips4/gdevlips.c could result in a DoS
https://notcve.org/view.php?id=CVE-2020-17538
13 Aug 2020 — A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. Una vulnerabilidad de desbordamiento del búfer en la función GetNumSameData() en el archivo contrib/lips4/gdevlips.c de Artifex Software GhostScript versión v9.50, permite a un atacante remoto causar una denegación de servicio por medio de un archivo PDF diseñado. Esto es corregido en la ver... • https://bugs.ghostscript.com/show_bug.cgi?id=701792 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2020-16310 – ghostscript: division by zero in dot24_print_page() in devices/gdevdm24.c could result in a DoS
https://notcve.org/view.php?id=CVE-2020-16310
13 Aug 2020 — A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. Una vulnerabilidad de división por cero en la función dot24_print_page() en el archivo devices/gdevdm24.c de Artifex Software GhostScript versión v9.50, permite a un atacante remoto causar una denegación de servicio por medio de un archivo PDF diseñado. Esto es corregido en la versión v9.51 The... • https://bugs.ghostscript.com/show_bug.cgi?id=701828 • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2020-16309 – ghostscript: buffer overflow in lxm5700m_print_page() in devices/gdevlxm.c could result in a DoS
https://notcve.org/view.php?id=CVE-2020-16309
13 Aug 2020 — A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51. Una vulnerabilidad de desbordamiento del búfer en la función lxm5700m_print_page() en el archivo devices/gdevlxm.c de Artifex Software GhostScript versión v9.50, permite a un atacante remoto causar una denegación de servicio por medio de un archivo eps diseñado. Esto es corregido en la versión... • https://bugs.ghostscript.com/show_bug.cgi?id=701827 • CWE-787: Out-of-bounds Write •