Vulnerabilities > Ghostscript > Ghostscript > 8.62

DATE CVE VULNERABILITY TITLE RISK
2014-10-27 CVE-2010-4820 Code Injection vulnerability in Ghostscript 8.62
Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability than CVE-2010-2055.
4.4
2009-04-16 CVE-2009-0196 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Ghostscript
Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run length value.
network
ghostscript CWE-119
critical
9.3
2009-04-08 CVE-2008-6679 Buffer Errors vulnerability in Ghostscript 8.62
Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service (ps2pdf crash) and possibly execute arbitrary code via a crafted Postscript file.
network
low complexity
ghostscript CWE-119
5.0