Ghostscript

Ghostscript

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.3

CVE-2024-29510

Exploit
  • EPSS 6.85%
  • Veröffentlicht 03.07.2024 19:15:03
  • Zuletzt bearbeitet 28.04.2025 17:12:24

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.

4.4

CVE-2010-4820

  • EPSS 0.11%
  • Veröffentlicht 27.10.2014 01:55:23
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055.

6.8

CVE-2012-4405

  • EPSS 35.37%
  • Veröffentlicht 18.09.2012 17:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) a...

9.3

CVE-2009-4270

Exploit
  • EPSS 8.64%
  • Veröffentlicht 21.12.2009 16:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as originally reported fo...

9.3

CVE-2009-0196

Exploit
  • EPSS 12.16%
  • Veröffentlicht 16.04.2009 15:12:57
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file wit...

9.3

CVE-2009-0792

  • EPSS 1.17%
  • Veröffentlicht 14.04.2009 16:26:56
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to caus...

7.5

CVE-2007-6725

Exploit
  • EPSS 6.17%
  • Veröffentlicht 08.04.2009 16:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_de...

5

CVE-2008-6679

  • EPSS 6.06%
  • Veröffentlicht 08.04.2009 16:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service (ps2pdf crash) and possibly execute arbitrary code via a crafted Postscript file.

9.3

CVE-2009-0583

  • EPSS 4.08%
  • Veröffentlicht 23.03.2009 20:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to caus...

9.3

CVE-2009-0584

  • EPSS 8.95%
  • Veröffentlicht 23.03.2009 20:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (applic...