Filtered by vendor Artifex
Subscriptions
Total
230 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-6196 | 1 Artifex | 1 Afpl Ghostscript | 2024-11-21 | N/A |
Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document. | ||||
CVE-2017-6060 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2024-11-21 | 7.8 High |
Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image. | ||||
CVE-2017-5991 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2024-11-21 | 7.5 High |
An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. The pdf_run_xobject function in pdf-op-run.c encounters a NULL pointer dereference during a Fitz fz_paint_pixmap_with_mask painting operation. Versions 1.11 and later are unaffected. | ||||
CVE-2017-5951 | 1 Artifex | 1 Ghostscript | 2024-11-21 | N/A |
The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | ||||
CVE-2017-5896 | 1 Artifex | 1 Mupdf | 2024-11-21 | N/A |
Heap-based buffer overflow in the fz_subsample_pixmap function in fitz/pixmap.c in MuPDF 1.10a allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted image. | ||||
CVE-2017-5628 | 1 Artifex | 1 Mujs | 2024-11-21 | 7.8 High |
An issue was discovered in Artifex Software, Inc. MuJS before 8f62ea10a0af68e56d5c00720523ebcba13c2e6a. The MakeDay function in jsdate.c does not validate the month, leading to an integer overflow when parsing a specially crafted JS file. | ||||
CVE-2017-5627 | 1 Artifex | 1 Mujs | 2024-11-21 | 7.8 High |
An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce08. The jsR_setproperty function in jsrun.c lacks a check for a negative array length. This leads to an integer overflow in the js_pushstring function in jsrun.c when parsing a specially crafted JS file. | ||||
CVE-2017-17866 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2024-11-21 | N/A |
pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certain length changes when a repair operation occurs during a clean operation, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted PDF document. | ||||
CVE-2017-17858 | 1 Artifex | 1 Mupdf | 2024-11-21 | N/A |
Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute arbitrary code via a crafted PDF file, because xref subsection object numbers are unrestricted. | ||||
CVE-2017-15652 | 1 Artifex | 1 Ghostscript | 2024-11-21 | N/A |
Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga (imagemagick used that). The attack vector is: Someone must open a postscript file though ghostscript. Because of imagemagick also use libga, so it was affected as well. | ||||
CVE-2017-15587 | 1 Artifex | 1 Mupdf | 2024-11-21 | N/A |
An integer overflow was discovered in pdf_read_new_xref_section in pdf/pdf-xref.c in Artifex MuPDF 1.11. | ||||
CVE-2017-15369 | 1 Artifex | 1 Mupdf | 2024-11-21 | N/A |
The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF before 2017-09-25 mishandles a certain case where a variable may reside in a register, which allows remote attackers to cause a denial of service (Fitz fz_drop_imp use-after-free and application crash) or possibly have unspecified other impact via a crafted PDF document. | ||||
CVE-2017-14947 | 2 Artifex, Microsoft | 2 Gsview, Windows | 2024-11-21 | N/A |
Artifex GSView 6.0 Beta on Windows allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at mupdfnet64!mIncrementalSaveFile+0x0000000000193359." | ||||
CVE-2017-14946 | 2 Artifex, Microsoft | 2 Gsview, Windows | 2024-11-21 | N/A |
Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Branch Selection starting at mupdfnet64!mIncrementalSaveFile+0x000000000000344e." | ||||
CVE-2017-14945 | 2 Artifex, Microsoft | 2 Gsview, Windows | 2024-11-21 | N/A |
Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Possible Stack Corruption starting at KERNELBASE!RaiseException+0x0000000000000068." | ||||
CVE-2017-14687 | 2 Artifex, Microsoft | 2 Mupdf, Windows | 2024-11-21 | N/A |
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of mishandling of XML tag name comparisons. | ||||
CVE-2017-14686 | 2 Artifex, Microsoft | 2 Mupdf, Windows | 2024-11-21 | N/A |
Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because read_zip_dir_imp in fitz/unzip.c does not check whether size fields in a ZIP entry are negative numbers. | ||||
CVE-2017-14685 | 2 Artifex, Microsoft | 2 Mupdf, Windows | 2024-11-21 | N/A |
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xps_load_links_in_glyphs in xps/xps-link.c does not verify that an xps font could be loaded. | ||||
CVE-2017-11714 | 2 Artifex, Debian | 2 Ghostscript, Debian Linux | 2024-11-21 | N/A |
psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the igc_reloc_struct_ptr function in psi/igc.c. | ||||
CVE-2016-9601 | 2 Artifex, Debian | 3 Gpl Ghostscript, Jbig2dec, Debian Linux | 2024-11-21 | N/A |
ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript. |