Search CVE reports
1 – 10 of 14 results
CVE-2010-4820
Medium priorityUntrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability...
4 affected packages
ghostscript, gs-afpl, gs-esp, gs-gpl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | — | — | — | — | — |
| gs-afpl | — | — | — | — | — |
| gs-esp | — | — | — | — | — |
| gs-gpl | — | — | — | — | — |
CVE-2012-4405
Medium prioritySome fixes available 2 of 6
Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial...
5 affected packages
argyll, ghostscript, gs-afpl, gs-esp, gs-gpl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| argyll | — | — | — | — | Not affected |
| ghostscript | — | — | — | — | Not affected |
| gs-afpl | — | — | — | — | Not in release |
| gs-esp | — | — | — | — | Not in release |
| gs-gpl | — | — | — | — | Not in release |
CVE-2010-4054
Low prioritySome fixes available 1 of 6
The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043.
4 affected packages
ghostscript, gs-afpl, gs-esp, gs-gpl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | — | — | — | — | — |
| gs-afpl | — | — | — | — | — |
| gs-esp | — | — | — | — | — |
| gs-gpl | — | — | — | — | — |
CVE-2009-3743
Low prioritySome fixes available 1 of 6
Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed...
4 affected packages
ghostscript, gs-afpl, gs-esp, gs-gpl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | — | — | — | — | — |
| gs-afpl | — | — | — | — | — |
| gs-esp | — | — | — | — | — |
| gs-gpl | — | — | — | — | — |
CVE-2010-2055
Medium priorityGhostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option...
4 affected packages
ghostscript, gs-afpl, gs-esp, gs-gpl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | — | — | — | — | — |
| gs-afpl | — | — | — | — | — |
| gs-esp | — | — | — | — | — |
| gs-gpl | — | — | — | — | — |
CVE-2010-1628
Medium prioritySome fixes available 4 of 7
Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the...
4 affected packages
ghostscript, gs-afpl, gs-esp, gs-gpl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | — | — | — | — | — |
| gs-afpl | — | — | — | — | — |
| gs-esp | — | — | — | — | — |
| gs-gpl | — | — | — | — | — |
CVE-2010-1869
Medium prioritySome fixes available 3 of 6
Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent attackers to execute arbitrary code via a crafted PostScript file.
4 affected packages
ghostscript, gs-afpl, gs-esp, gs-gpl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | — | — | — | — | — |
| gs-afpl | — | — | — | — | — |
| gs-esp | — | — | — | — | — |
| gs-gpl | — | — | — | — | — |
CVE-2009-4897
Medium prioritySome fixes available 2 of 5
Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name.
4 affected packages
ghostscript, gs-afpl, gs-esp, gs-gpl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | — | — | — | — | — |
| gs-afpl | — | — | — | — | — |
| gs-esp | — | — | — | — | — |
| gs-gpl | — | — | — | — | — |
CVE-2009-4270
Low prioritySome fixes available 2 of 5
Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as...
4 affected packages
ghostscript, gs-afpl, gs-esp, gs-gpl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | — | — | — | — | — |
| gs-afpl | — | — | — | — | — |
| gs-esp | — | — | — | — | — |
| gs-gpl | — | — | — | — | — |
CVE-2009-0196
Medium prioritySome fixes available 6 of 8
Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary...
4 affected packages
ghostscript, gs-afpl, gs-esp, gs-gpl
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ghostscript | — | — | — | — | — |
| gs-afpl | — | — | — | — | — |
| gs-esp | — | — | — | — | — |
| gs-gpl | — | — | — | — | — |