Security News

RCE bug in widely used Ghostscript library now exploited in attacks

2024-07-08 16:26

A remote code execution vulnerability in the Ghostscript document conversion toolkit, widely used on Linux systems, is currently being exploited in attacks. Ghostscript comes pre-installed on many Linux distributions and is used by various document conversion software, including ImageMagick, LibreOffice, GIMP, Inkscape, Scribus, and the CUPS printing system.

#attack #ghostscript #RCE #CVE-2024-29510

Latest Ghostscript vulnerability haunts experts as the next big breach enabler

2024-07-05 12:34

Infosec circles are awash with chatter about a vulnerability in Ghostscript some experts believe could be the cause of several major breaches in the coming months. Ghostscript is a Postscript and Adobe PDF interpreter that lets users of *nix, Windows, MacOS, and various embedded OSes and platforms view, print, and convert PDFs and image files.

#breach #ghostscript #vulnerability #CVE-2023-36664 #CVE-2024-29510

Critical RCE found in popular Ghostscript open-source PDF library

2023-07-12 16:46

Ghostscript, an open-source interpreter for PostScript language and PDF files widely used in Linux, has been found vulnerable to a critical-severity remote code execution flaw. The flaw is tracked as CVE-2023-3664, having a CVSS v3 rating of 9.8, and impacts all versions of Ghostscript before 10.01.2, which is the latest available version released three weeks ago.

#critical #ghostscript #opensource #PDF #RCE #CVE-2023-3664

Ghostscript bug could allow rogue documents to run system commands

2023-07-04 19:57

Ghostscript is a free and open-source implementation of Adobe's widely-used PostScript document composition system and its even-more-widely-used PDF file format, short for Portable Document Format. Loosely put, Ghostscript reads in PostScript program code, which describes how to construct the pages in a document, and converts it, or renders it, into a format more suitable for displaying or printing, such as raw pixel data or a PNG graphics file.

#ghostscript #CVE-2023-36664

Data Leak in Ghostscript Could Allow Command Execution

2019-01-25 15:19

Data leak vulnerabilities in Ghostscript could allow an attacker to take over a routine and even execute commands on systems, Google Project Zero researcher Tavis Ormandy has discovered. read more

#dataleak #ghostscript #leak

Unpatched Ghostscript Flaws Allow Remote Takeover of Systems

2018-08-22 19:55

A remote, unauthenticated attacker could execute arbitrary commands on systems with the privileges of the Ghostscript code.

#ghostscript #takeover

Unpatched Ghostscript Vulnerabilities Impact Popular Software

2018-08-22 18:44

Ghostscript Impacted by Multiple -dSAFER Sandbox Bypass Vulnerabilities read more

#ghostscript #vulnerabilities

Ghostscript flaw could allow attackers to take remote control of systems - and there's no fix yet

2018-08-22 15:24

Interpreter for Abode PostScript and PDF page description languages is used by large numbers of vendors - and in enterprises around the world.

#ghostscript

Critical Flaws in Ghostscript Could Leave Many Systems at Risk of Hacking

2018-08-22 08:33

Google Project Zero's security researcher has discovered a critical remote code execution (RCE) vulnerability in Ghostscript—an open source interpreter for Adobe Systems' PostScript and PDF page...

#critical #ghostscript #hacking

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News