CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2018-15908 – ghostscript: .tempfile file permission issues (699657)
https://notcve.org/view.php?id=CVE-2018-15908
27 Aug 2018 — In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files. En Artifex Ghostscript 9.23 antes del 23/08/2018, los atacantes pueden proporcionar archivos PostScript maliciosos para omitir las restricciones .tempfile y escribir en archivos. It was discovered that the ghostscript .tempfile function did not properly handle file permissions. An attacker could possibly exploit this to exploit this to bypass the -dSAFER pr... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=0d3901189f245232f0161addf215d7268c4d05a3 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2018-15909 – ghostscript: shading_param incomplete type checking (699660)
https://notcve.org/view.php?id=CVE-2018-15909
27 Aug 2018 — In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code. En Artifex Ghostscript 9.23 antes del 24/08/2018, los atacantes podrían emplear una confusión de tipos usando el operador .shfill para proporcionar archivos PostScript manipulados para provocar el cierre inesperado del intérprete o ejecutar código. It was discovered that the ghostscript .shfill oper... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=0b6cd1918e1ec4ffd087400a754a845180a4522b • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-11645 – ghostscript: status command permitted with -dSAFER in psi/zfile.c allowing attackers to identify the size and existence of files
https://notcve.org/view.php?id=CVE-2018-11645
01 Jun 2018 — psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977. psi/zfile.c en Artifex Ghostscript en versiones anteriores a la 9.21rc1 permite el comando status incluso si se emplea -dSAFER, lo que podría permitir que atacantes remotos determinen la existencia y tamaño de archivos arbitrarios. Este problema es similar a CVE-2016-7977. Ghostscript... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=b60d50b7567369ad856cebe1efb6cd7dd2284219 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 2%CPEs: 13EXPL: 0CVE-2018-10194 – ghostscript: Stack-based out-of-bounds write in pdf_set_text_matrix function in gdevpdts.c
https://notcve.org/view.php?id=CVE-2018-10194
18 Apr 2018 — The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. La función set_text_distance en devices/vector/gdevpdts.c en el componente pdfwrite en Artifex Ghostscript, hasta la versión 9.22, no evita los desbordamientos en el cálculo de posi... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=39b1e54b2968620723bf32e96764c88797714879 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-11714 – Gentoo Linux Security Advisory 201811-12
https://notcve.org/view.php?id=CVE-2017-11714
28 Jul 2017 — psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c. El archivo psi/ztoken.c en Artifex Ghostscript versión 9.21, maneja inapropiadamente las referencias a la estructura de estado del escáner, que permite a los atacantes remotos g... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=671fd59eb657743aa86fbc1895cb15872a317caa • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2017-9835 – Gentoo Linux Security Advisory 201811-12
https://notcve.org/view.php?id=CVE-2017-9835
26 Jul 2017 — The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c. La función gs_alloc_ref_array en psi/ialloc.c en Artifex Ghostscript versión 9.21 permite a los atacantes remotos causar una denegación de servicio (DoS) (desbordamiento de búfer en... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=cfde94be1d4286bc47633c6e6eaf4e659bd78066 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2017-9611 – Gentoo Linux Security Advisory 201811-12
https://notcve.org/view.php?id=CVE-2017-9611
26 Jul 2017 — The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. La función Ins_MIRP en base/ttinterp.c en Artifex Ghostscript GhostXPS versión 9.21 permite a los atacantes remotos causar una denegación de servicio (DoS) (sobreescritura del búfer en la zona heap de la memoria y bloqueo de la aplicación) o posiblemente tener ot... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commit%3Bh=c7c55972758a93350882c32147801a3485b010fe • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8908
https://notcve.org/view.php?id=CVE-2017-8908
12 May 2017 — The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document. La función mark_line_tr en gxscanc.c de Artifex Ghostscript 9.21 permite a atacantes remotos causar una denegación de servicio (lectura fuera de límites) a través de un documento PostScript manipulado. • http://www.securityfocus.com/bid/98427 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 48%CPEs: 20EXPL: 2CVE-2017-8291 – Artifex Ghostscript Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2017-8291
27 Apr 2017 — Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. Artifex Ghostscript permite sobrepasar -dSAFER y la ejecución de comandos remotos a través de una vulnerabilidad de type confusion en .rsdparams con una subcadena "/ OutputFile (% pipe%" en un documento .eps que se utilice como entrada al gs. It was ... • https://www.exploit-db.com/exploits/41955 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-7948 – Gentoo Linux Security Advisory 201811-12
https://notcve.org/view.php?id=CVE-2017-7948
19 Apr 2017 — Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a crafted PostScript document. Desbordamiento de entero en la función mark_curve en Artifex Ghostscript 9.21 permite a atacantes remotos provocar una denegación de servicio (escritura fuera de límites y caída de aplicación) o posiblemente tener otro impacto no especificado a través de un document... • http://git.ghostscript.com/?p=ghostpdl.git%3Bh=8210a2864372723b49c526e2b102fdc00c9c4699 • CWE-190: Integer Overflow or Wraparound •