Vendor CVEs
Artifex
All CVEs
270 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-16305 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16304 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51. | |||
| CVE-2020-16303 | 0.00 | — | 0.02 | Aug 13, 2020 | A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16302 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16301 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16300 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16299 | 0.00 | — | 0.02 | Aug 13, 2020 | A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16298 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16297 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16296 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16295 | 0.00 | — | 0.02 | Aug 13, 2020 | A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16294 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16293 | 0.00 | — | 0.02 | Aug 13, 2020 | A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16292 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16291 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16290 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16289 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16288 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-16287 | 0.00 | — | 0.02 | Aug 13, 2020 | A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||
| CVE-2020-15900 | 0.00 | — | 0.05 | Jul 28, 2020 | A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max… | |||
| CVE-2020-12268 | 0.00 | — | 0.03 | Apr 27, 2020 | jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow. | |||
| CVE-2019-14812 | 0.00 | — | 0.02 | Nov 27, 2019 | A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then… | |||
| CVE-2019-10216 | 0.00 | — | 0.02 | Nov 27, 2019 | In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and… | |||
| CVE-2019-14869 | 0.00 | — | 0.03 | Nov 15, 2019 | A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted… | |||
| CVE-2019-14817 | 0.00 | — | 0.02 | Sep 3, 2019 | A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and… | |||
| CVE-2019-14811 | 0.00 | — | 0.04 | Sep 3, 2019 | A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and… | |||
| CVE-2019-14975 | 0.00 | — | 0.01 | Aug 14, 2019 | Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string. | |||
| CVE-2019-13290 | 0.00 | — | 0.03 | Jul 4, 2019 | Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display… | |||
| CVE-2019-7321 | 0.00 | — | 0.03 | Jun 13, 2019 | Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code. | |||
| CVE-2019-12798 | 0.00 | — | 0.02 | Jun 13, 2019 | An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size. | |||
| CVE-2017-15652 | 0.00 | — | 0.01 | May 23, 2019 | Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga (imagemagick used that). The attack vector is: Someone must open a… | |||
| CVE-2019-3839 | 0.00 | — | 0.02 | May 16, 2019 | It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by… | |||
| CVE-2019-11413 | 0.00 | — | 0.02 | Apr 21, 2019 | An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check. | |||
| CVE-2019-11412 | 0.00 | — | 0.02 | Apr 21, 2019 | An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call. | |||
| CVE-2019-11411 | 0.00 | — | 0.03 | Apr 21, 2019 | An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based buffer overflow. | |||
| CVE-2019-3835 | 0.00 | — | 0.03 | Mar 25, 2019 | It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. | |||
| CVE-2019-3838 | 0.00 | — | 0.03 | Mar 25, 2019 | It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER. | |||
| CVE-2019-6130 | 0.00 | — | 0.02 | Jan 11, 2019 | Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c. | |||
| CVE-2019-6131 | 0.00 | — | 0.02 | Jan 11, 2019 | svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool. | |||
| CVE-2018-19478 | 0.00 | — | 0.02 | Jan 2, 2019 | In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file. | |||
| CVE-2018-19134 | 0.00 | — | 0.03 | Dec 20, 2018 | In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type… | |||
| CVE-2018-19881 | 0.00 | — | 0.02 | Dec 6, 2018 | In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl. | |||
| CVE-2018-19882 | 0.00 | — | 0.01 | Dec 6, 2018 | In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl. | |||
| CVE-2018-16863 | 0.00 | — | 0.01 | Dec 3, 2018 | It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects… | |||
| CVE-2018-19777 | 0.00 | — | 0.01 | Nov 30, 2018 | In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool. | |||
| CVE-2018-19477 | 0.00 | — | 0.03 | Nov 23, 2018 | psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion. | |||
| CVE-2018-19476 | 0.00 | — | 0.03 | Nov 23, 2018 | psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion. | |||
| CVE-2018-18662 | 0.00 | — | 0.02 | Oct 26, 2018 | There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool. | |||
| CVE-2018-18284 | 0.00 | — | 0.16 | Oct 19, 2018 | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. | |||
| CVE-2018-18073 | 0.00 | — | 0.03 | Oct 15, 2018 | Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. |
- CVE-2020-16305Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16304Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51.
- CVE-2020-16303Aug 13, 2020risk 0.00cvss —epss 0.02
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16302Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16301Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16300Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16299Aug 13, 2020risk 0.00cvss —epss 0.02
A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16298Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16297Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16296Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16295Aug 13, 2020risk 0.00cvss —epss 0.02
A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16294Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16293Aug 13, 2020risk 0.00cvss —epss 0.02
A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16292Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16291Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16290Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16289Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16288Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-16287Aug 13, 2020risk 0.00cvss —epss 0.02
A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
- CVE-2020-15900Jul 28, 2020risk 0.00cvss —epss 0.05
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max…
- CVE-2020-12268Apr 27, 2020risk 0.00cvss —epss 0.03
jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow.
- CVE-2019-14812Nov 27, 2019risk 0.00cvss —epss 0.02
A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then…
- CVE-2019-10216Nov 27, 2019risk 0.00cvss —epss 0.02
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and…
- CVE-2019-14869Nov 15, 2019risk 0.00cvss —epss 0.03
A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted…
- CVE-2019-14817Sep 3, 2019risk 0.00cvss —epss 0.02
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and…
- CVE-2019-14811Sep 3, 2019risk 0.00cvss —epss 0.04
A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and…
- CVE-2019-14975Aug 14, 2019risk 0.00cvss —epss 0.01
Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string.
- CVE-2019-13290Jul 4, 2019risk 0.00cvss —epss 0.03
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the allocated size of a display…
- CVE-2019-7321Jun 13, 2019risk 0.00cvss —epss 0.03
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code.
- CVE-2019-12798Jun 13, 2019risk 0.00cvss —epss 0.02
An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size.
- CVE-2017-15652May 23, 2019risk 0.00cvss —epss 0.01
Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga (imagemagick used that). The attack vector is: Someone must open a…
- CVE-2019-3839May 16, 2019risk 0.00cvss —epss 0.02
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by…
- CVE-2019-11413Apr 21, 2019risk 0.00cvss —epss 0.02
An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check.
- CVE-2019-11412Apr 21, 2019risk 0.00cvss —epss 0.02
An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.
- CVE-2019-11411Apr 21, 2019risk 0.00cvss —epss 0.03
An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based buffer overflow.
- CVE-2019-3835Mar 25, 2019risk 0.00cvss —epss 0.03
It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
- CVE-2019-3838Mar 25, 2019risk 0.00cvss —epss 0.03
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -dSAFER.
- CVE-2019-6130Jan 11, 2019risk 0.00cvss —epss 0.02
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
- CVE-2019-6131Jan 11, 2019risk 0.00cvss —epss 0.02
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
- CVE-2018-19478Jan 2, 2019risk 0.00cvss —epss 0.02
In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file.
- CVE-2018-19134Dec 20, 2018risk 0.00cvss —epss 0.03
In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type…
- CVE-2018-19881Dec 6, 2018risk 0.00cvss —epss 0.02
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
- CVE-2018-19882Dec 6, 2018risk 0.00cvss —epss 0.01
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.
- CVE-2018-16863Dec 3, 2018risk 0.00cvss —epss 0.01
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects…
- CVE-2018-19777Nov 30, 2018risk 0.00cvss —epss 0.01
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.
- CVE-2018-19477Nov 23, 2018risk 0.00cvss —epss 0.03
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
- CVE-2018-19476Nov 23, 2018risk 0.00cvss —epss 0.03
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
- CVE-2018-18662Oct 26, 2018risk 0.00cvss —epss 0.02
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
- CVE-2018-18284Oct 19, 2018risk 0.00cvss —epss 0.16
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
- CVE-2018-18073Oct 15, 2018risk 0.00cvss —epss 0.03
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object.
Page 5 of 6