Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ghostscript ghostscript 0 vulnerabilities and exploits

(subscribe to this query)
6.8
CVSSv2
CVE-2008-0411
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and previous versions allows remote malicious users to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
Ghostscript GhostscriptGhostscript Ghostscript 0Ghostscript Ghostscript 8.0.1Ghostscript Ghostscript 8.15
9.3
CVSSv2
CVE-2009-0196
Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote malicious users to execute arbitrary code via a PDF file with a JBIG2 symbol diction...
Ghostscript GhostscriptGhostscript Ghostscript 8.63Ghostscript Ghostscript 8.15.2Ghostscript Ghostscript 8.15Ghostscript Ghostscript 8.56Ghostscript Ghostscript 8.54Ghostscript Ghostscript 8.60Ghostscript Ghostscript 8.57Ghostscript Ghostscript 5.50Ghostscript Ghostscript 0Ghostscript Ghostscript 8.62Ghostscript Ghostscript 8.61Ghostscript Ghostscript 8.0.1Ghostscript Ghostscript 7.07
9.3
CVSSv2
CVE-2009-0584
icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and previous versions and Argyll Color Management System (CMS) 1.0.3 and previous versions, allows context-dependent malicious users to cause a denial of service (applicatio...
Ghostscript Ghostscript 8.15.2Ghostscript Ghostscript 8.60Ghostscript Ghostscript 8.57Argyllcms CmsGhostscript Ghostscript 8.0.1Ghostscript Ghostscript 8.15Ghostscript Ghostscript 7.07Ghostscript Ghostscript 7.05Ghostscript Ghostscript 8.61Ghostscript Ghostscript 0Ghostscript Ghostscript 5.50Ghostscript GhostscriptGhostscript Ghostscript 8.56Ghostscript Ghostscript 8.54
4.3
CVSSv2
CVE-2018-19478
In Artifex Ghostscript prior to 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file.
Artifex GhostscriptDebian Debian Linux 8.0
6.8
CVSSv2
CVE-2019-14812
A flaw was found in all ghostscript versions 9.x prior to 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and the...
Artifex GhostscriptFedoraproject Fedora 31
6.8
CVSSv2
CVE-2019-14869
A flaw was found in all versions of ghostscript 9.x prior to 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScri...
Artifex GhostscriptFedoraproject Fedora 29Fedoraproject Fedora 30Fedoraproject Fedora 31Opensuse Leap 15.0Opensuse Leap 15.1
6.8
CVSSv2
CVE-2019-14811
A flaw was found in, ghostscript versions before 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then h...
Artifex GhostscriptRedhat Openshift Container Platform 3.11Redhat Openshift Container Platform 4.1Fedoraproject Fedora 29Fedoraproject Fedora 30Fedoraproject Fedora 31Opensuse Leap 15.0Opensuse Leap 15.1Debian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2019-14817
A flaw was found in, ghostscript versions before 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and the...
Artifex GhostscriptRedhat Openshift Container Platform 3.11Redhat Openshift Container Platform 4.1Opensuse Leap 15.0Opensuse Leap 15.1Fedoraproject Fedora 29Fedoraproject Fedora 30Fedoraproject Fedora 31Debian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0
6.8
CVSSv2
CVE-2019-3839
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains imposed by -d...
Artifex GhostscriptDebian Debian Linux 8.0Debian Debian Linux 9.0Opensuse Leap 15.0Opensuse Leap 15.1Fedoraproject Fedora 29Fedoraproject Fedora 30Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 18.10Canonical Ubuntu Linux 19.04Redhat Enterprise Linux 6.0Redhat Enterprise Linux 5.0
6.8
CVSSv2
CVE-2019-10216
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and acce...
Artifex GhostscriptRedhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux 6.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux 5.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Server Eus 7.7Redhat Enterprise Linux Server Aus 7.7Redhat Enterprise Linux Server Tus 7.7Redhat 3scale Api Management 2.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook