Gpl Ghostscript Artifex Gpl Ghostscript

stack.watch can notify you when security vulnerabilities are reported in Artifex Gpl Ghostscript. You can add multiple products that you use with Gpl Ghostscript to create your own personal software stack watcher.

By the Year

In 2020 there have been 0 vulnerabilities in Artifex Gpl Ghostscript . Last year Gpl Ghostscript had 0 security vulnerabilities published.

Year Vulnerabilities Average Score
2020 0 0.00
2019 0 0.00
2018 7 7.91

It may take a day or so for new Gpl Ghostscript vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Artifex Gpl Ghostscript Security Vulnerabilities

Artifex Ghostscript 9.25 and earlier

CVE-2018-18284 8.6 - High - October 19, 2018

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.

CVE-2018-18284 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

In Artifex Ghostscript before 9.24

CVE-2018-16513 7.8 - High - September 05, 2018

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.

CVE-2018-16513 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Incorrect Type Conversion or Cast

An issue was discovered in Artifex Ghostscript before 9.24

CVE-2018-16509 7.8 - High - September 05, 2018

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.

CVE-2018-16509 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

An issue was discovered in Artifex Ghostscript before 9.24

CVE-2018-16510 7.8 - High - September 05, 2018

An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact.

CVE-2018-16510 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Memory Corruption

In Artifex Ghostscript 9.23 before 2018-08-24

CVE-2018-15911 7.8 - High - August 28, 2018

In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.

CVE-2018-15911 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Memory Corruption

In Artifex Ghostscript 9.23 before 2018-08-24

CVE-2018-15909 7.8 - High - August 27, 2018

In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.

CVE-2018-15909 can be explotited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Incorrect Type Conversion or Cast

In Artifex Ghostscript before 9.24

CVE-2018-15910 7.8 - High - August 27, 2018

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.

CVE-2018-15910 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Incorrect Type Conversion or Cast