Vulnerabilities > Artifex

DATE CVE VULNERABILITY TITLE RISK
2017-07-26 CVE-2017-9618 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Ghostscript Ghostxps 9.21
The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted document.
local
low complexity
artifex CWE-119
7.8
2017-07-26 CVE-2017-9612 Use After Free vulnerability in multiple products
The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document.
local
low complexity
artifex debian CWE-416
7.8
2017-07-26 CVE-2017-9611 Out-of-bounds Read vulnerability in multiple products
The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
local
low complexity
artifex debian CWE-125
7.8
2017-07-26 CVE-2017-9610 Out-of-bounds Read vulnerability in Artifex Ghostscript Ghostxps 9.21
The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.
local
low complexity
artifex CWE-125
7.8
2017-05-24 CVE-2017-9216 NULL Pointer Dereference vulnerability in multiple products
libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c.
network
low complexity
artifex debian CWE-476
6.5
2017-05-23 CVE-2016-7979 Incorrect Type Conversion or Cast vulnerability in Artifex Ghostscript
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
network
low complexity
artifex CWE-704
critical
9.8
2017-05-23 CVE-2016-7978 Use After Free vulnerability in Artifex Ghostscript 9.20
Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.
network
low complexity
artifex CWE-416
critical
9.8
2017-05-23 CVE-2016-7977 Information Exposure vulnerability in Artifex Ghostscript
Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.
local
low complexity
artifex CWE-200
5.5
2017-05-12 CVE-2017-8908 Out-of-bounds Read vulnerability in Artifex Ghostscript 9.21
The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document.
local
low complexity
artifex CWE-125
5.5
2017-04-27 CVE-2017-8291 Type Confusion vulnerability in multiple products
Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.
local
low complexity
artifex debian redhat CWE-843
7.8