Vulnerabilities > Artifex

DATE CVE VULNERABILITY TITLE RISK
2017-04-19 CVE-2017-7976 Integer Overflow or Wraparound vulnerability in Artifex Jbig2Dec 0.13
Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information from process memory.
local
low complexity
artifex CWE-190
7.1
2017-04-19 CVE-2017-7975 Integer Overflow or Wraparound vulnerability in Artifex Jbig2Dec 0.13
Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code.
local
low complexity
artifex CWE-190
7.8
2017-04-19 CVE-2017-7948 Integer Overflow or Wraparound vulnerability in Artifex Ghostscript 9.21
Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a crafted PostScript document.
local
low complexity
artifex CWE-190
7.8
2017-04-17 CVE-2017-7885 Integer Overflow or Wraparound vulnerability in Artifex Jbig2Dec 0.13
Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file.
local
low complexity
artifex CWE-190
7.1
2017-04-14 CVE-2016-8602 Incorrect Type Conversion or Cast vulnerability in Artifex Ghostscript
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.
local
low complexity
artifex CWE-704
7.8
2017-04-03 CVE-2016-10317 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Ghostscript 9.20
The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc.
local
low complexity
artifex CWE-119
7.8
2017-04-03 CVE-2017-5951 NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20
The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc.
local
low complexity
artifex CWE-476
5.5
2017-04-03 CVE-2016-10221 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Mupdf 1.10A
The count_entries function in pdf-layer.c in Artifex Software, Inc.
local
low complexity
artifex CWE-119
5.5
2017-04-03 CVE-2016-10220 NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20
The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc.
local
low complexity
artifex CWE-476
5.5
2017-04-03 CVE-2016-10219 Divide By Zero vulnerability in Artifex Ghostscript 9.20
The intersect function in base/gxfill.c in Artifex Software, Inc.
local
low complexity
artifex CWE-369
5.5