Filtered by vendor Artifex
Subscribe
Search
Total
208 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19777 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2019-11-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool. | |||||
| CVE-2018-15910 | 5 Artifex, Canonical, Debian and 2 more | 9 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 6 more | 2019-11-05 | 6.8 MEDIUM | 7.8 HIGH |
| In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code. | |||||
| CVE-2018-16513 | 4 Artifex, Canonical, Debian and 1 more | 5 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 2 more | 2019-11-05 | 6.8 MEDIUM | 7.8 HIGH |
| In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact. | |||||
| CVE-2018-18284 | 5 Artifex, Canonical, Debian and 2 more | 11 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 8 more | 2019-11-05 | 6.8 MEDIUM | 8.6 HIGH |
| Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. | |||||
| CVE-2018-15909 | 5 Artifex, Canonical, Debian and 2 more | 11 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 8 more | 2019-10-16 | 6.8 MEDIUM | 7.8 HIGH |
| In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code. | |||||
| CVE-2018-16863 | 2 Artifex, Redhat | 7 Ghostscript, Enterprise Linux Desktop, Enterprise Linux Server and 4 more | 2019-10-09 | 9.3 HIGH | 7.8 HIGH |
| It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7. | |||||
| CVE-2016-9601 | 2 Artifex, Debian | 3 Gpl Ghostscript, Jbig2dec, Debian Linux | 2019-10-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript. | |||||
| CVE-2018-16585 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2019-10-09 | 6.8 MEDIUM | 7.8 HIGH |
| ** DISPUTED ** An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. Note: A reputable source believes that the CVE is potentially a duplicate of CVE-2018-15910 as explained in Red Hat bugzilla (https://bugzilla.redhat.com/show_bug.cgi?id=1626193). | |||||
| CVE-2018-16802 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. This is due to an incomplete fix for CVE-2018-16509. | |||||
| CVE-2018-16509 | 4 Artifex, Canonical, Debian and 1 more | 8 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 5 more | 2019-10-03 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. | |||||
| CVE-2017-9727 | 2 Artifex, Debian | 2 Ghostscript Ghostxps, Debian Linux | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2018-17961 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2019-10-03 | 6.8 MEDIUM | 8.6 HIGH |
| Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. | |||||
| CVE-2018-5759 | 1 Artifex | 1 Mujs | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted file. | |||||
| CVE-2017-9620 | 1 Artifex | 1 Ghostscript Ghostxps | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document, related to the xps_encode_font_char_imp function. | |||||
| CVE-2018-6544 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2019-10-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream recursively and therefore run out of error stack, which allows remote attackers to cause a denial of service via a crafted PDF document. | |||||
| CVE-2017-9726 | 2 Artifex, Debian | 2 Ghostscript Ghostxps, Debian Linux | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-9835 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c. | |||||
| CVE-2017-9740 | 1 Artifex | 1 Ghostscript Ghostxps | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_decode_font_char_imp function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-9739 | 2 Artifex, Debian | 2 Ghostscript Ghostxps, Debian Linux | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The Ins_JMPR function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2018-19409 | 4 Artifex, Canonical, Debian and 1 more | 8 Ghostscript, Ubuntu Linux, Debian Linux and 5 more | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Artifex Ghostscript before 9.26. LockSafetyParams is not checked correctly if another device is used. | |||||
| CVE-2018-19475 | 4 Artifex, Canonical, Debian and 1 more | 10 Ghostscript, Ubuntu Linux, Debian Linux and 7 more | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same. | |||||
| CVE-2017-9610 | 1 Artifex | 1 Ghostscript Ghostxps | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-9612 | 2 Artifex, Debian | 2 Ghostscript Ghostxps, Debian Linux | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2018-15908 | 4 Artifex, Canonical, Debian and 1 more | 8 Ghostscript, Ubuntu Linux, Debian Linux and 5 more | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files. | |||||
| CVE-2019-14975 | 1 Artifex | 1 Mupdf | 2019-08-26 | 5.8 MEDIUM | 7.1 HIGH |
| Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_chartorune in fitz/string.c because pdf/pdf-op-filter.c does not check for a missing string. | |||||
| CVE-2018-10194 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2019-07-24 | 6.8 MEDIUM | 7.8 HIGH |
| The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. | |||||
| CVE-2018-6192 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2019-06-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file. | |||||
| CVE-2019-12798 | 1 Artifex | 1 Mujs | 2019-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c does not restrict regular expression program size, leading to an overflow of the parsed syntax list size. | |||||
| CVE-2017-15652 | 1 Artifex | 1 Ghostscript | 2019-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga (imagemagick used that). The attack vector is: Someone must open a postscript file though ghostscript. Because of imagemagick also use libga, so it was affected as well. | |||||
| CVE-2018-19882 | 1 Artifex | 1 Mupdf | 2019-05-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl. | |||||
| CVE-2018-19881 | 1 Artifex | 1 Mupdf | 2019-05-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl. | |||||
| CVE-2018-16540 | 4 Artifex, Canonical, Debian and 1 more | 11 Ghostscript, Ubuntu Linux, Debian Linux and 8 more | 2019-04-25 | 6.8 MEDIUM | 7.8 HIGH |
| In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. | |||||
| CVE-2018-19476 | 4 Artifex, Canonical, Debian and 1 more | 10 Ghostscript, Ubuntu Linux, Debian Linux and 7 more | 2019-04-25 | 6.8 MEDIUM | 7.8 HIGH |
| psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion. | |||||
| CVE-2018-19477 | 4 Artifex, Canonical, Debian and 1 more | 10 Ghostscript, Ubuntu Linux, Debian Linux and 7 more | 2019-04-25 | 6.8 MEDIUM | 7.8 HIGH |
| psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion. | |||||
| CVE-2017-9619 | 1 Artifex | 1 Ghostscript Ghostxps | 2019-04-18 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_true_callback_glyph_name function in xps/xpsttf.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (Segmentation Violation and application crash) via a crafted file. | |||||
| CVE-2017-9618 | 1 Artifex | 1 Ghostscript Ghostxps | 2019-04-18 | 6.8 MEDIUM | 7.8 HIGH |
| The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted document. | |||||
| CVE-2017-11714 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2019-04-17 | 6.8 MEDIUM | 7.8 HIGH |
| psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c. | |||||
| CVE-2017-7948 | 1 Artifex | 1 Ghostscript | 2019-03-19 | 6.8 MEDIUM | 7.8 HIGH |
| Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a crafted PostScript document. | |||||
| CVE-2018-1000039 | 1 Artifex | 1 Mupdf | 2019-03-14 | 6.8 MEDIUM | 7.8 HIGH |
| In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file. | |||||
| CVE-2018-1000037 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2019-03-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| In MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file. | |||||
| CVE-2018-1000051 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2019-03-14 | 6.8 MEDIUM | 7.8 HIGH |
| Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF. | |||||
| CVE-2018-1000040 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2019-03-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| In MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file. | |||||
| CVE-2018-16511 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2019-03-11 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. | |||||
| CVE-2018-16510 | 2 Artifex, Canonical | 3 Ghostscript, Gpl Ghostscript, Ubuntu Linux | 2019-03-11 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact. | |||||
| CVE-2017-17866 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2019-03-11 | 6.8 MEDIUM | 7.8 HIGH |
| pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document. | |||||
| CVE-2018-16543 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2019-03-07 | 6.8 MEDIUM | 7.8 HIGH |
| In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact. | |||||
| CVE-2018-16541 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2019-03-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. | |||||
| CVE-2018-16539 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2019-03-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. | |||||
| CVE-2018-19134 | 3 Artifex, Debian, Redhat | 7 Ghostscript, Debian Linux, Enterprise Linux Desktop and 4 more | 2019-01-11 | 6.8 MEDIUM | 7.8 HIGH |
| In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue because of failure to check whether the Implementation of a pattern dictionary was a structure type. | |||||
| CVE-2018-19478 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2019-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file. | |||||