| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-7977 | 4.3 |
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.
|
18-01-2018 - 18:18 | 23-05-2017 - 04:29 | |
| CVE-2016-7979 | 7.5 |
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
|
05-01-2018 - 02:31 | 23-05-2017 - 04:29 | |
| CVE-2016-7978 | 7.5 |
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.
|
05-01-2018 - 02:31 | 23-05-2017 - 04:29 | |
| CVE-2016-8602 | 6.8 |
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty o
|
05-01-2018 - 02:31 | 14-04-2017 - 18:59 | |
| CVE-2013-5653 | 4.3 |
The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.
|
05-01-2018 - 02:29 | 07-03-2017 - 15:59 | |
| CVE-2016-7976 | 6.8 |
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
|
04-11-2017 - 01:29 | 07-08-2017 - 20:29 |