Vulnerabilities > Artifex > Ghostscript > 9.20
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-18 | CVE-2018-10194 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. | 7.8 |
| 2017-08-07 | CVE-2016-7976 | Improper Input Validation vulnerability in Artifex Ghostscript 9.18/9.20 The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams. | 8.8 |
| 2017-05-23 | CVE-2016-7979 | Incorrect Type Conversion or Cast vulnerability in Artifex Ghostscript Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser. | 9.8 |
| 2017-05-23 | CVE-2016-7978 | Use After Free vulnerability in Artifex Ghostscript 9.20 Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice. | 7.5 |
| 2017-05-23 | CVE-2016-7977 | Information Exposure vulnerability in Artifex Ghostscript Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document. | 5.5 |
| 2017-04-27 | CVE-2017-8291 | Incorrect Type Conversion or Cast vulnerability in Artifex Ghostscript Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. | 7.8 |
| 2017-04-14 | CVE-2016-8602 | Incorrect Type Conversion or Cast vulnerability in Artifex Ghostscript The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack. | 7.8 |
| 2017-04-03 | CVE-2016-10317 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Ghostscript 9.20 The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. | 6.8 |
| 2017-04-03 | CVE-2017-5951 | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. | 4.3 |
| 2017-04-03 | CVE-2016-10220 | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. | 4.3 |