Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 17 results


CVE-2010-4820

Medium priority
Ignored

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Trojan horse Postscript library file in Encoding/ under the current working directory, a different vulnerability...

4 affected packages

ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
gs-afpl
gs-esp
gs-gpl
Show less packages

CVE-2012-4405

Medium priority

Some fixes available 2 of 6

Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial...

5 affected packages

argyll, ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
argyll Not affected
ghostscript Not affected
gs-afpl Not in release
gs-esp Not in release
gs-gpl Not in release
Show less packages

CVE-2010-4054

Low priority

Some fixes available 1 of 6

The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043.

4 affected packages

ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
gs-afpl
gs-esp
gs-gpl
Show less packages

CVE-2009-3743

Low priority

Some fixes available 1 of 6

Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed...

4 affected packages

ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
gs-afpl
gs-esp
gs-gpl
Show less packages

CVE-2010-2055

Medium priority
Ignored

Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option...

4 affected packages

ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
gs-afpl
gs-esp
gs-gpl
Show less packages

CVE-2010-1628

Medium priority

Some fixes available 4 of 7

Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the...

4 affected packages

ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
gs-afpl
gs-esp
gs-gpl
Show less packages

CVE-2010-1869

Medium priority

Some fixes available 3 of 6

Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent attackers to execute arbitrary code via a crafted PostScript file.

4 affected packages

ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
gs-afpl
gs-esp
gs-gpl
Show less packages

CVE-2009-4897

Medium priority

Some fixes available 2 of 5

Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name.

4 affected packages

ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
gs-afpl
gs-esp
gs-gpl
Show less packages

CVE-2009-4270

Low priority

Some fixes available 2 of 5

Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as...

4 affected packages

ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
gs-afpl
gs-esp
gs-gpl
Show less packages

CVE-2009-0196

Medium priority

Some fixes available 6 of 8

Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary...

4 affected packages

ghostscript, gs-afpl, gs-esp, gs-gpl

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ghostscript
gs-afpl
gs-esp
gs-gpl
Show less packages