rpm package
suse/ghostscript-library&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
pkg:rpm/suse/ghostscript-library&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Vulnerabilities (25)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-16542 | — | < 8.62-32.47.13.1 | 8.62-32.47.13.1 | Sep 5, 2018 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. | ||
| CVE-2018-16541 | — | < 8.62-32.47.13.1 | 8.62-32.47.13.1 | Sep 5, 2018 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. | ||
| CVE-2018-16540 | — | < 8.62-32.47.13.1 | 8.62-32.47.13.1 | Sep 5, 2018 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. | ||
| CVE-2018-16513 | — | < 8.62-32.47.13.1 | 8.62-32.47.13.1 | Sep 5, 2018 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact. | ||
| CVE-2018-16511 | — | < 8.62-32.47.13.1 | 8.62-32.47.13.1 | Sep 5, 2018 | An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. | ||
| CVE-2018-16509 | — | < 8.62-32.47.13.1 | 8.62-32.47.13.1 | Sep 5, 2018 | An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. | ||
| CVE-2018-15910 | — | < 8.62-32.47.13.1 | 8.62-32.47.13.1 | Aug 27, 2018 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code. | ||
| CVE-2016-9601 | — | < 8.62-32.47.7.1 | 8.62-32.47.7.1 | Apr 23, 2018 | ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, j | ||
| CVE-2018-10194 | — | < 8.62-32.47.10.1 | 8.62-32.47.10.1 | Apr 18, 2018 | The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have un | ||
| CVE-2017-11714 | Hig | 7.8 | < 8.62-32.47.7.1 | 8.62-32.47.7.1 | Jul 28, 2017 | psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds r | |
| CVE-2017-9835 | Hig | 7.8 | < 8.62-32.47.7.1 | 8.62-32.47.7.1 | Jul 26, 2017 | The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a la | |
| CVE-2017-9739 | Hig | 7.8 | < 8.62-32.47.7.1 | 8.62-32.47.7.1 | Jul 26, 2017 | The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |
| CVE-2017-9727 | Hig | 7.8 | < 8.62-32.47.7.1 | 8.62-32.47.7.1 | Jul 26, 2017 | The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |
| CVE-2017-9726 | Hig | 7.8 | < 8.62-32.47.7.1 | 8.62-32.47.7.1 | Jul 26, 2017 | The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |
| CVE-2017-9612 | Hig | 7.8 | < 8.62-32.47.7.1 | 8.62-32.47.7.1 | Jul 26, 2017 | The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document. | |
| CVE-2017-9611 | Hig | 7.8 | < 8.62-32.47.13.1 | 8.62-32.47.13.1 | Jul 26, 2017 | The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |
| CVE-2017-9216 | Med | 6.5 | < 8.62-32.47.7.1 | 8.62-32.47.7.1 | May 24, 2017 | libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file. | |
| CVE-2016-7979 | Cri | 9.8 | < 8.62-32.38.1 | 8.62-32.38.1 | May 23, 2017 | Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser. | |
| CVE-2016-7977 | Med | 5.5 | < 8.62-32.38.1 | 8.62-32.38.1 | May 23, 2017 | Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document. | |
| CVE-2017-8291 | Hig | 7.8 | KEV | < 8.62-32.44.1 | 8.62-32.44.1 | Apr 27, 2017 | Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. |
- CVE-2018-16542Sep 5, 2018affected < 8.62-32.47.13.1fixed 8.62-32.47.13.1
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.
- CVE-2018-16541Sep 5, 2018affected < 8.62-32.47.13.1fixed 8.62-32.47.13.1
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.
- CVE-2018-16540Sep 5, 2018affected < 8.62-32.47.13.1fixed 8.62-32.47.13.1
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.
- CVE-2018-16513Sep 5, 2018affected < 8.62-32.47.13.1fixed 8.62-32.47.13.1
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.
- CVE-2018-16511Sep 5, 2018affected < 8.62-32.47.13.1fixed 8.62-32.47.13.1
An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact.
- CVE-2018-16509Sep 5, 2018affected < 8.62-32.47.13.1fixed 8.62-32.47.13.1
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.
- CVE-2018-15910Aug 27, 2018affected < 8.62-32.47.13.1fixed 8.62-32.47.13.1
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.
- CVE-2016-9601Apr 23, 2018affected < 8.62-32.47.7.1fixed 8.62-32.47.7.1
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, j
- CVE-2018-10194Apr 18, 2018affected < 8.62-32.47.10.1fixed 8.62-32.47.10.1
The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have un
- affected < 8.62-32.47.7.1fixed 8.62-32.47.7.1
psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds r
- affected < 8.62-32.47.7.1fixed 8.62-32.47.7.1
The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a la
- affected < 8.62-32.47.7.1fixed 8.62-32.47.7.1
The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
- affected < 8.62-32.47.7.1fixed 8.62-32.47.7.1
The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
- affected < 8.62-32.47.7.1fixed 8.62-32.47.7.1
The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
- affected < 8.62-32.47.7.1fixed 8.62-32.47.7.1
The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document.
- affected < 8.62-32.47.13.1fixed 8.62-32.47.13.1
The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
- affected < 8.62-32.47.7.1fixed 8.62-32.47.7.1
libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file.
- affected < 8.62-32.38.1fixed 8.62-32.38.1
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
- affected < 8.62-32.38.1fixed 8.62-32.38.1
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.
- affected < 8.62-32.44.1fixed 8.62-32.44.1
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
Page 1 of 2