Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-8291 | 6.8 |
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in
|
02-07-2024 - 13:01 | 27-04-2017 - 01:59 | |
CVE-2019-6116 | 6.8 |
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
|
01-03-2023 - 18:41 | 21-03-2019 - 16:01 | |
CVE-2012-4405 | 6.8 |
Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) a
|
13-02-2023 - 04:34 | 18-09-2012 - 17:55 | |
CVE-2018-16863 | 9.3 |
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript d
|
12-02-2023 - 23:32 | 03-12-2018 - 17:29 | |
CVE-2019-14817 | 6.8 |
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could dis
|
16-10-2020 - 13:21 | 03-09-2019 - 16:15 | |
CVE-2019-3839 | 6.8 |
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside o
|
15-10-2020 - 14:31 | 16-05-2019 - 19:29 | |
CVE-2019-3838 | 4.3 |
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the cons
|
15-10-2020 - 14:05 | 25-03-2019 - 19:29 | |
CVE-2019-14869 | 6.8 |
A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating
|
09-10-2020 - 13:12 | 15-11-2019 - 12:15 | |
CVE-2019-10216 | 6.8 |
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that coul
|
30-09-2020 - 18:17 | 27-11-2019 - 13:15 | |
CVE-2019-10216 | 6.8 |
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that coul
|
30-09-2020 - 18:17 | 27-11-2019 - 13:15 | |
CVE-2018-16542 | 4.3 |
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.
|
24-08-2020 - 17:37 | 05-09-2018 - 18:29 | |
CVE-2018-19409 | 7.5 |
An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used.
|
03-10-2019 - 00:03 | 21-11-2018 - 16:29 | |
CVE-2018-16509 | 9.3 |
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instr
|
03-10-2019 - 00:03 | 05-09-2018 - 06:29 | |
CVE-2018-16539 | 4.3 |
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.
|
07-03-2019 - 15:57 | 05-09-2018 - 18:29 | |
CVE-2018-11645 | 5.0 |
psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977.
|
11-11-2018 - 11:29 | 01-06-2018 - 12:29 | |
CVE-2017-7207 | 4.3 |
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.
|
05-01-2018 - 02:31 | 21-03-2017 - 06:59 | |
CVE-2016-8602 | 6.8 |
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty o
|
05-01-2018 - 02:31 | 14-04-2017 - 18:59 | |
CVE-2010-4820 | 4.4 |
Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055.
|
02-11-2014 - 00:59 | 27-10-2014 - 01:55 |