Ghostscript

Ghostscript

11 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.3

CVE-2024-29510

Exploit
  • EPSS 6.85%
  • Published 03.07.2024 19:15:03
  • Last modified 28.04.2025 17:12:24

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.

4.4

CVE-2010-4820

  • EPSS 0.11%
  • Published 27.10.2014 01:55:23
  • Last modified 12.04.2025 10:46:40

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055.

6.8

CVE-2012-4405

  • EPSS 35.37%
  • Published 18.09.2012 17:55:07
  • Last modified 11.04.2025 00:51:21

Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) a...

9.3

CVE-2009-4270

Exploit
  • EPSS 8.64%
  • Published 21.12.2009 16:30:00
  • Last modified 09.04.2025 00:30:58

Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as originally reported fo...

9.3

CVE-2009-0196

Exploit
  • EPSS 12.16%
  • Published 16.04.2009 15:12:57
  • Last modified 09.04.2025 00:30:58

Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file wit...

9.3

CVE-2009-0792

  • EPSS 1.17%
  • Published 14.04.2009 16:26:56
  • Last modified 09.04.2025 00:30:58

Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to caus...

7.5

CVE-2007-6725

Exploit
  • EPSS 6.17%
  • Published 08.04.2009 16:30:00
  • Last modified 09.04.2025 00:30:58

The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_de...

5

CVE-2008-6679

  • EPSS 6.06%
  • Published 08.04.2009 16:30:00
  • Last modified 09.04.2025 00:30:58

Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service (ps2pdf crash) and possibly execute arbitrary code via a crafted Postscript file.

9.3

CVE-2009-0583

  • EPSS 4.08%
  • Published 23.03.2009 20:00:00
  • Last modified 09.04.2025 00:30:58

Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to caus...

9.3

CVE-2009-0584

  • EPSS 8.95%
  • Published 23.03.2009 20:00:00
  • Last modified 09.04.2025 00:30:58

icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (applic...