CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7207 – ghostscript: NULL pointer dereference in mem_get_bits_rectangle()
https://notcve.org/view.php?id=CVE-2017-7207
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document. La función mem_get_bits_rectangle en Artifex Software, Inc. Ghostscript 9.20 permite a atacantes remotos provocar una denegación de servicio ( referencia puntero NULL) a través de un documento PostScript manipulado. A NULL pointer dereference flaw was found in ghostscript's mem_get_bits_rectangle function. • http://www.debian.org/security/2017/dsa-3838 http://www.ghostscript.com/cgi-bin/findgit.cgi?309eca4e0a31ea70dcc844812691439312dad091 http://www.securityfocus.com/bid/96995 http://www.securitytracker.com/id/1039071 https://access.redhat.com/errata/RHSA-2017:2180 https://bugs.ghostscript.com/show_bug.cgi?id=697676 https://security.gentoo.org/glsa/201708-06 https://access.redhat.com/security/cve/CVE-2017-7207 https://bugzilla.redhat.com/show_bug.cgi?id=1434353 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-10246
https://notcve.org/view.php?id=CVE-2016-10246
Buffer overflow in the main function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. Desbordamiento de búfer en la función principal en jstest_main.c en Mujstest en Artifex Software, Inc. MuPDF en versiones anteriores a 1.10 permite a atacantes provocar una denegación de servicio (escritura fuera de límites) a través de un archivo manipulado. • http://git.ghostscript.com/?p=mupdf.git%3Bh=cfe8f35bca61056363368c343be36812abde0a06 http://www.openwall.com/lists/oss-security/2017/03/13/21 https://blogs.gentoo.org/ago/2016/09/24/mupdf-mujstest-global-buffer-overflow-in-main-jstest_main-c https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html https://bugs.ghostscript.com/show_bug.cgi?id=697020 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-10247
https://notcve.org/view.php?id=CVE-2016-10247
Buffer overflow in the my_getline function in jstest_main.c in Mujstest in Artifex Software, Inc. MuPDF before 1.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file. Desbordamiento de búfer en la función my_getline en jstest_main.c en Mujstest en Artifex Software, Inc. MuPDF en versiones anteriores a 1.10 permite a atacantes provocar una denegación de servicio (escritura fuera de límites) a través de un archivo manipulado. • http://git.ghostscript.com/?p=mupdf.git%3Bh=446097f97b71ce20fa8d1e45e070f2e62676003e http://www.openwall.com/lists/oss-security/2017/03/13/20 http://www.securityfocus.com/bid/97099 https://blogs.gentoo.org/ago/2016/09/24/mupdf-mujstest-global-buffer-overflow-in-my_getline-jstest_main-c https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html https://bugs.ghostscript.com/show_bug.cgi?id=697021 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 2%CPEs: 2EXPL: 4CVE-2017-6060 – Artifex MuPDF mujstest 1.10a - Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2017-6060
Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image. Desbordamiento de búfer basado en pila en jstest_main.c en mujstest en Artifex Software, Inc. MuPDF 1.10a permite a atacantes remotos tener impacto no especificado a través de una imagen manipulada. Artifex MuPDF mujstest version 1.10a suffers from a null pointer dereference vulnerability. • https://www.exploit-db.com/exploits/42139 http://www.openwall.com/lists/oss-security/2017/02/18/1 http://www.securityfocus.com/bid/96266 https://blogs.gentoo.org/ago/2017/02/17/mupdf-mujstest-stack-based-buffer-overflow-in-main-jstest_main-c https://bugs.ghostscript.com/show_bug.cgi?id=697551 https://lists.debian.org/debian-lts-announce/2021/09/msg00013.html https://security.gentoo.org/glsa/201706-08 https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/&# • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6196
https://notcve.org/view.php?id=CVE-2017-6196
Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document. Múltiples vulnerabilidades de uso después de liberación en la función gx_image_enum_begin en base/gxipixel.c en Ghostscript en versiones anteriores a ecceafe3abba2714ef9b432035fe0739d9b1a283 permiten a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente tener otro impacto no especificado a través de un documento PostScript manipulado. • http://git.ghostscript.com/?p=ghostpdl.git%3Bh=ecceafe3abba2714ef9b432035fe0739d9b1a283 http://www.securityfocus.com/bid/96428 http://www.securitytracker.com/id/1037899 https://bugs.ghostscript.com/show_bug.cgi?id=697596 https://security.gentoo.org/glsa/201708-06 • CWE-416: Use After Free •