Page 42 of 221 results (0.002 seconds)

CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1

CVE-2016-7505

https://notcve.org/view.php?id=CVE-2016-7505

A buffer overflow vulnerability was observed in divby function of Artifex Software, Inc. MuJS before 8c805b4eb19cf2af689c860b77e6111d2ee439d5. A successful exploitation of this issue can lead to code execution or denial of service condition. Una vulnerabilidad de desbordamiento de buffer fue observada en divby function de Artifex Software, Inc. MuJS anterior a 8c805b4eb19cf2af689c860b77e6111d2ee439d5. • http://bugs.ghostscript.com/show_bug.cgi?id=697140 http://www.securityfocus.com/bid/94231 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2016-9017

https://notcve.org/view.php?id=CVE-2016-9017

Artifex Software, Inc. MuJS before a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 allows context-dependent attackers to obtain sensitive information by using the "opname in crafted JavaScript file" approach, related to an "Out-of-Bounds read" issue affecting the jsC_dumpfunction function in the jsdump.c component. Artifex Software, Inc. MuJS en versiones anteriores a a5c747f1d40e8d6659a37a8d25f13fb5acf8e767 permite a atacantes dependientes del contexto obtener información sensible utilizando el enfoque "opname en crafted JavaScript file", relacionado con un problema de "lectura fuera de límites" que afecta la función jsC_dumpfunction en el componente jsdump.c. • http://bugs.ghostscript.com/show_bug.cgi?id=697171 http://www.securityfocus.com/bid/94241 • CWE-125: Out-of-bounds Read CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.5EPSS: 1%CPEs: 3EXPL: 2

CVE-2016-6265

https://notcve.org/view.php?id=CVE-2016-6265

Use-after-free vulnerability in the pdf_load_xref function in pdf/pdf-xref.c in MuPDF allows remote attackers to cause a denial of service (crash) via a crafted PDF file. Vulnerabilidad de uso después de liberación en la función pdf_load_xref en pdf/pdf-xref.c en MuPDF permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo PDF manipulado. • http://bugs.ghostscript.com/show_bug.cgi?id=696941 http://git.ghostscript.com/?p=mupdf.git%3Bh=fa1936405b6a84e5c9bb440912c23d532772f958 http://lists.opensuse.org/opensuse-updates/2016-08/msg00007.html http://www.debian.org/security/2016/dsa-3655 http://www.openwall.com/lists/oss-security/2016/07/21/7 http://www.securityfocus.com/bid/92071 https://security.gentoo.org/glsa/201702-12 • CWE-416: Use After Free •

CVSS: 9.8EPSS: 6%CPEs: 2EXPL: 0

CVE-2016-6525

https://notcve.org/view.php?id=CVE-2016-6525

Heap-based buffer overflow in the pdf_load_mesh_params function in pdf/pdf-shade.c in MuPDF allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a large decode array. Desbordamiento de búfer basado en memoria dinámica en la función pdf_load_mesh_params en pdf/pdf-shade.c en MuPDF permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código arbitrario a través de una decodificación array grande. • http://bugs.ghostscript.com/show_bug.cgi?id=696954 http://git.ghostscript.com/?p=mupdf.git%3Bh=39b0f07dd960f34e7e6bf230ffc3d87c41ef0f2e http://www.debian.org/security/2016/dsa-3655 http://www.openwall.com/lists/oss-security/2016/08/03/8 http://www.securityfocus.com/bid/92266 https://security.gentoo.org/glsa/201702-12 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0

CVE-2015-3228

https://notcve.org/view.php?id=CVE-2015-3228

Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write. Desbordamiento de entero en la función gs_heap_alloc_bytes en base/gsmalloc.c en Ghostscript 9.15 y versiones anteriores, permite a atacantes remotos provocar una denegación de servicio (caída) mediante un archivo Postscript (ps) manipulado, según lo demostrado mediante el uso del comando ps2pdf, lo que desencadena una lectura o escritura fuera de rango. • http://bugs.ghostscript.com/show_bug.cgi?id=696041 http://bugs.ghostscript.com/show_bug.cgi?id=696070 http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=0c0b0859 http://openwall.com/lists/oss-security/2015/07/23/14 http://www.debian.org/security/2015/dsa-3326 http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html http://www.securityfocus.com/bid/76017 http://www.securitytracker.com/id/1033149 http://www.ubuntu.com/usn/USN-2697-1 https • CWE-189: Numeric Errors •