VYPR

rpm package

opensuse/ghostscript&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/ghostscript&distro=openSUSE%20Tumbleweed

Vulnerabilities (85)

  • CVE-2016-10218MedApr 3, 2017
    affected < 9.54.0-2.2fixed 9.54.0-2.2

    The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

  • CVE-2016-10217MedApr 3, 2017
    affected < 9.54.0-2.2fixed 9.54.0-2.2

    The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in the color management module.

  • CVE-2017-7207MedMar 21, 2017
    affected < 9.54.0-2.2fixed 9.54.0-2.2

    The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.

  • CVE-2013-5653MedMar 7, 2017
    affected < 9.20-2.1fixed 9.20-2.1

    The getenv and filenameforall functions in Ghostscript 9.10 ignore the "-dSAFER" argument, which allows remote attackers to read data via a crafted postscript file.

  • CVE-2015-3228Aug 11, 2015
    affected < 9.20-2.1fixed 9.20-2.1

    Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds re

Page 5 of 5