Artifex Gpl Ghostscript
By the Year
In 2024 there have been 0 vulnerabilities in Artifex Gpl Ghostscript . Gpl Ghostscript did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 7 | 7.91 |
It may take a day or so for new Gpl Ghostscript vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Artifex Gpl Ghostscript Security Vulnerabilities
Artifex Ghostscript 9.25 and earlier
CVE-2018-18284
8.6 - High
- October 19, 2018
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
In Artifex Ghostscript before 9.24
CVE-2018-16513
7.8 - High
- September 05, 2018
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.
Incorrect Type Conversion or Cast
An issue was discovered in Artifex Ghostscript before 9.24
CVE-2018-16509
7.8 - High
- September 05, 2018
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.
An issue was discovered in Artifex Ghostscript before 9.24
CVE-2018-16510
7.8 - High
- September 05, 2018
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact.
Buffer Overflow
In Artifex Ghostscript 9.23 before 2018-08-24
CVE-2018-15911
7.8 - High
- August 28, 2018
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.
Use of Uninitialized Resource
In Artifex Ghostscript 9.23 before 2018-08-24
CVE-2018-15909
7.8 - High
- August 27, 2018
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.
Incorrect Type Conversion or Cast
In Artifex Ghostscript before 9.24
CVE-2018-15910
7.8 - High
- August 27, 2018
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.
Incorrect Type Conversion or Cast
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments
CVE-2013-6629
- November 19, 2013
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
Information Disclosure
Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter
CVE-2012-4875
- September 06, 2012
Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the developer was not able to reproduce the issue and disputed it
Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Artifex Gpl Ghostscript or by Artifex? Click the Watch button to subscribe.