English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

Artifex Ghostscript 9.51

CPE Details

Artifex Ghostscript 9.51
artifex
ghostscript
9.51
2020-10-20 12:00 +00:00
2020-10-20 12:00 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:a:artifex:ghostscript:9.51:-:*:*:*:*:*:*

Informations

Vendor

artifex

Product

ghostscript

Version

9.51

Update

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-29506 2024-07-02 22:00 +00:00 Artifex Ghostscript before 10.03.0 has a stack-based buffer overflow in the pdfi_apply_filter() function via a long PDF filter name.
8.8
HIGH
CVE-2024-29508 2024-07-02 22:00 +00:00 Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure (observable in a constructed BaseFont name) in the function pdf_base_font_alloc.
3.3
LOW
CVE-2024-29509 2024-07-02 22:00 +00:00 Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle.
8.8
HIGH
CVE-2020-36773 2024-02-03 23:00 +00:00 Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature).
9.8
CRITICAL
CVE-2023-46751 2023-12-05 23:00 +00:00 An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer.
7.5
HIGH
CVE-2023-43115 2023-09-17 22:00 +00:00 In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server).
8.8
HIGH
CVE-2023-38559 2023-08-01 16:49 +00:00 A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs.
5.5
MEDIUM
CVE-2023-36664 2023-06-24 22:00 +00:00 Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix).
7.8
HIGH
CVE-2023-28879 2023-03-30 22:00 +00:00 In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.
9.8
CRITICAL
CVE-2021-45944 2021-12-31 22:56 +00:00 Ghostscript GhostPDL 9.50 through 9.53.3 has a use-after-free in sampled_data_sample (called from sampled_data_continue and interp).
5.5
MEDIUM
CVE-2021-45949 2021-12-31 22:54 +00:00 Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overflow in sampled_data_finish (called from sampled_data_continue and interp).
5.5
MEDIUM
CVE-2020-16308 2020-08-13 00:09 +00:00 A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16301 2020-08-13 00:08 +00:00 A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16300 2020-08-13 00:08 +00:00 A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16299 2020-08-13 00:08 +00:00 A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16298 2020-08-13 00:08 +00:00 A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16297 2020-08-13 00:08 +00:00 A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16296 2020-08-13 00:08 +00:00 A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16295 2020-08-13 00:08 +00:00 A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16294 2020-08-13 00:08 +00:00 A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16293 2020-08-13 00:08 +00:00 A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16292 2020-08-13 00:08 +00:00 A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16291 2020-08-13 00:08 +00:00 A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16290 2020-08-13 00:07 +00:00 A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16289 2020-08-13 00:07 +00:00 A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16288 2020-08-13 00:07 +00:00 A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM
CVE-2020-16287 2020-08-13 00:07 +00:00 A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
5.5
MEDIUM

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.