Vulnerabilities > Artifex > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-26 | CVE-2017-9727 | Out-of-bounds Read vulnerability in multiple products The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | 7.8 |
| 2017-07-26 | CVE-2017-9726 | Out-of-bounds Read vulnerability in multiple products The Ins_MDRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | 7.8 |
| 2017-07-26 | CVE-2017-9620 | Out-of-bounds Read vulnerability in Artifex Ghostscript Ghostxps 9.21 The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document, related to the xps_encode_font_char_imp function. | 7.8 |
| 2017-07-26 | CVE-2017-9619 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Ghostscript Ghostxps 9.21 The xps_true_callback_glyph_name function in xps/xpsttf.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (Segmentation Violation and application crash) via a crafted file. | 7.8 |
| 2017-07-26 | CVE-2017-9618 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Ghostscript Ghostxps 9.21 The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted document. | 7.8 |
| 2017-07-26 | CVE-2017-9612 | Use After Free vulnerability in multiple products The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document. | 7.8 |
| 2017-07-26 | CVE-2017-9611 | Out-of-bounds Read vulnerability in multiple products The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | 7.8 |
| 2017-07-26 | CVE-2017-9610 | Out-of-bounds Read vulnerability in Artifex Ghostscript Ghostxps 9.21 The xps_load_sfnt_name function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document. | 7.8 |
| 2017-05-23 | CVE-2016-7978 | Use After Free vulnerability in Artifex Ghostscript 9.20 Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice. | 7.5 |
| 2017-04-27 | CVE-2017-8291 | Type Confusion vulnerability in multiple products Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. | 7.8 |