Vulnerability Details :

CVE-2015-3228

Summary
Assigner: redhat
Assigner Org ID: 53f830b8-0a3f-465b-8143-3b8a9948e749
Published At: 11 Aug, 2015 | 14:00
Updated At: 06 Aug, 2024 | 05:39

Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write.

▼Common Vulnerabilities and Exposures (CVE)
cve.org
▼CVE Numbering Authority (CNA)

Affected Products
Vendor: n/a
Product: n/a
Versions Affected: n/a
Problem Types
Type: text
CWE ID: N/A
Description: n/a
References
Hyperlink: http://www.debian.org/security/2015/dsa-3326
Resource: vendor-advisory, x_refsource_DEBIAN
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=696070
Resource: x_refsource_CONFIRM
Hyperlink: http://www.securitytracker.com/id/1033149
Resource: vdb-entry, x_refsource_SECTRACK
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1232805
Resource: x_refsource_CONFIRM
Hyperlink: http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=0c0b0859
Resource: x_refsource_CONFIRM
Hyperlink: http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
Resource: x_refsource_CONFIRM
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=696041
Resource: x_refsource_CONFIRM
Hyperlink: https://security.gentoo.org/glsa/201612-33
Resource: vendor-advisory, x_refsource_GENTOO
Hyperlink: http://www.securityfocus.com/bid/76017
Resource: vdb-entry, x_refsource_BID
Hyperlink: http://www.ubuntu.com/usn/USN-2697-1
Resource: vendor-advisory, x_refsource_UBUNTU
Hyperlink: http://openwall.com/lists/oss-security/2015/07/23/14
Resource: mailing-list, x_refsource_MLIST
▼Authorized Data Publishers (ADP)
CVE Program Container
References
Hyperlink: http://www.debian.org/security/2015/dsa-3326
Resource: vendor-advisory, x_refsource_DEBIAN, x_transferred
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=696070
Resource: x_refsource_CONFIRM, x_transferred
Hyperlink: http://www.securitytracker.com/id/1033149
Resource: vdb-entry, x_refsource_SECTRACK, x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1232805
Resource: x_refsource_CONFIRM, x_transferred
Hyperlink: http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=0c0b0859
Resource: x_refsource_CONFIRM, x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
Resource: x_refsource_CONFIRM, x_transferred
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=696041
Resource: x_refsource_CONFIRM, x_transferred
Hyperlink: https://security.gentoo.org/glsa/201612-33
Resource: vendor-advisory, x_refsource_GENTOO, x_transferred
Hyperlink: http://www.securityfocus.com/bid/76017
Resource: vdb-entry, x_refsource_BID, x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-2697-1
Resource: vendor-advisory, x_refsource_UBUNTU, x_transferred
Hyperlink: http://openwall.com/lists/oss-security/2015/07/23/14
Resource: mailing-list, x_refsource_MLIST, x_transferred
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source: secalert@redhat.com
Published At: 11 Aug, 2015 | 14:59
Updated At: 06 May, 2026 | 22:30

CISA Catalog
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches

Vendor: Artifex Software Inc. (artifex)
Product: afpl_ghostscript, versions up to 9.15 (inclusive)
CPE: cpe:2.3:a:artifex:afpl_ghostscript:*:*:*:*:*:*:*:*
Weaknesses
CWE ID: CWE-189
Type: Primary
Source: nvd@nist.gov
References
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=696041
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=696070
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=0c0b0859
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://openwall.com/lists/oss-security/2015/07/23/14
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2015/dsa-3326
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/76017
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1033149
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2697-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1232805
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://security.gentoo.org/glsa/201612-33
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=696041
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://bugs.ghostscript.com/show_bug.cgi?id=696070
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=0c0b0859
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://openwall.com/lists/oss-security/2015/07/23/14
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2015/dsa-3326
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/76017
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1033149
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2697-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1232805
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://security.gentoo.org/glsa/201612-33
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A


Similar CVEs

71 Records found

CVE-2018-19134
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 1.31% / 80.18%
7 Day CHG: ~0.00%
Published: 20 Dec, 2018 | 22:00
Updated: 05 Aug, 2024 | 11:30
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, execute arbitrary code in the context of the Ghostscript process. This is a type confusion issue because of failure to check whether the Implementation of a pattern dictionary was a structure type.

Action: Not Available
Vendor: n/a; Debian GNU/Linux; Red Hat, Inc.; Artifex Software Inc.
Product: enterprise_linux_server; debian_linux; enterprise_linux_server_eus; ghostscript; enterprise_linux_server_aus; enterprise_linux_workstation; enterprise_linux_desktop; n/a
CWE ID: CWE-704 (Incorrect Type Conversion or Cast)

CVE-2018-19477
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.82% / 74.83%
7 Day CHG: ~0.00%
Published: 23 Nov, 2018 | 05:00
Updated: 05 Aug, 2024 | 11:37
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.

Action: Not Available
Vendor: n/a; Canonical Ltd.; Red Hat, Inc.; Debian GNU/Linux; Artifex Software Inc.
Product: enterprise_linux_server; ubuntu_linux; debian_linux; enterprise_linux_server_eus; ghostscript; openshift_container_platform; enterprise_linux_server_aus; enterprise_linux_workstation; enterprise_linux_server_tus; enterprise_linux_desktop; n/a
CWE ID: CWE-704 (Incorrect Type Conversion or Cast)

CVE-2018-19476
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.82% / 74.83%
7 Day CHG: ~0.00%
Published: 23 Nov, 2018 | 05:00
Updated: 05 Aug, 2024 | 11:37
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.

Action: Not Available
Vendor: n/a; Canonical Ltd.; Red Hat, Inc.; Debian GNU/Linux; Artifex Software Inc.
Product: enterprise_linux_server; ubuntu_linux; debian_linux; enterprise_linux_server_eus; ghostscript; openshift_container_platform; enterprise_linux_server_aus; enterprise_linux_workstation; enterprise_linux_server_tus; enterprise_linux_desktop; n/a
CWE ID: CWE-704 (Incorrect Type Conversion or Cast)

CVE-2018-17183
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.35% / 57.82%
7 Day CHG: ~0.00%
Published: 19 Sep, 2018 | 15:00
Updated: 05 Aug, 2024 | 10:39
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.

Action: Not Available
Vendor: n/a; Canonical Ltd.; Red Hat, Inc.; Debian GNU/Linux; Artifex Software Inc.
Product: enterprise_linux_server; ubuntu_linux; debian_linux; enterprise_linux_server_eus; ghostscript; enterprise_linux_server_aus; enterprise_linux_workstation; enterprise_linux_server_tus; enterprise_linux_desktop; n/a

CVE-2018-15908
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.32% / 55.50%
7 Day CHG: ~0.00%
Published: 27 Aug, 2018 | 17:00
Updated: 05 Aug, 2024 | 10:10
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files.

Action: Not Available
Vendor: n/a; Canonical Ltd.; Red Hat, Inc.; Debian GNU/Linux; Artifex Software Inc.
Product: enterprise_linux_server; ubuntu_linux; debian_linux; enterprise_linux_server_eus; ghostscript; enterprise_linux_server_aus; enterprise_linux_workstation; enterprise_linux_desktop; n/a

CVE-2018-16513
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.26% / 49.07%
7 Day CHG: ~0.00%
Published: 05 Sep, 2018 | 13:00
Updated: 05 Aug, 2024 | 10:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.

Action: Not Available
Vendor: n/a; Canonical Ltd.; Pulse Secure; Artifex Software Inc.; Debian GNU/Linux
Product: ubuntu_linux; debian_linux; ghostscript; pulse_connect_secure; gpl_ghostscript; n/a
CWE ID: CWE-704 (Incorrect Type Conversion or Cast)

CVE-2018-16543
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.22% / 44.59%
7 Day CHG: ~0.00%
Published: 05 Sep, 2018 | 18:00
Updated: 05 Aug, 2024 | 10:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact.

Action: Not Available
Vendor: n/a; Canonical Ltd.; Debian GNU/Linux; Artifex Software Inc.
Product: ubuntu_linux; debian_linux; ghostscript; n/a

CVE-2017-9727
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 1.29% / 80.04%
7 Day CHG: ~0.00%
Published: 26 Jul, 2017 | 19:00
Updated: 13 May, 2026 | 00:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

The gx_ttfReader__Read function in base/gxttfb.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.

Action: Not Available
Vendor: n/a; Debian GNU/Linux; Artifex Software Inc.
Product: debian_linux; ghostscript_ghostxps; n/a
CWE ID: CWE-125 (Out-of-bounds Read)

CVE-2018-1000038
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.94% / 76.57%
7 Day CHG: ~0.00%
Published: 24 May, 2018 | 13:00
Updated: 05 Aug, 2024 | 12:33
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.

Action: Not Available
Vendor: n/a; Artifex Software Inc.
Product: mupdf; n/a
CWE ID: CWE-787 (Out-of-bounds Write)

CVE-2017-9835
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.29% / 52.32%
7 Day CHG: ~0.00%
Published: 26 Jul, 2017 | 19:00
Updated: 13 May, 2026 | 00:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

The gs_alloc_ref_array function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer overflow check in base/gsalloc.c.

Action: Not Available
Vendor: n/a; Debian GNU/Linux; Artifex Software Inc.
Product: ghostscript; debian_linux; n/a
CWE ID: CWE-190 (Integer Overflow or Wraparound)

CVE-2017-9611
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.39% / 60.58%
7 Day CHG: ~0.00%
Published: 26 Jul, 2017 | 19:00
Updated: 13 May, 2026 | 00:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

The Ins_MIRP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.

Action: Not Available
Vendor: n/a; Debian GNU/Linux; Artifex Software Inc.
Product: ghostscript; debian_linux; n/a
CWE ID: CWE-125 (Out-of-bounds Read)

CVE-2017-9620
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.67% / 71.68%
7 Day CHG: ~0.00%
Published: 26 Jul, 2017 | 19:00
Updated: 13 May, 2026 | 00:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

The xps_select_font_encoding function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document, related to the xps_encode_font_char_imp function.

Action: Not Available
Vendor: n/a; Artifex Software Inc.
Product: ghostscript_ghostxps; n/a
CWE ID: CWE-125 (Out-of-bounds Read)

CVE-2017-9740
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.41% / 61.52%
7 Day CHG: ~0.00%
Published: 26 Jul, 2017 | 19:00
Updated: 13 May, 2026 | 00:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

The xps_decode_font_char_imp function in xps/xpsfont.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact via a crafted document.

Action: Not Available
Vendor: n/a; Artifex Software Inc.
Product: ghostscript_ghostxps; n/a
CWE ID: CWE-125 (Out-of-bounds Read)

CVE-2017-9612
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 1.29% / 80.04%
7 Day CHG: ~0.00%
Published: 26 Jul, 2017 | 19:00
Updated: 13 May, 2026 | 00:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

The Ins_IP function in base/ttinterp.c in Artifex Ghostscript GhostXPS 9.21 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact via a crafted document.

Action: Not Available
Vendor: n/a; Debian GNU/Linux; Artifex Software Inc.
Product: debian_linux; ghostscript_ghostxps; n/a
CWE ID: CWE-416 (Use After Free)

CVE-2017-8291
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 92.93% / 99.78%
7 Day CHG: ~0.00%
Published: 27 Apr, 2017 | 01:41
Updated: 21 Apr, 2026 | 18:02
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available
Known KEV | Action Due Date: 2022-06-14 | Apply updates per vendor instructions.

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.

Action: Not Available
Vendor: n/a; Debian GNU/Linux; Red Hat, Inc.; Artifex Software Inc.
Product: ghostscript; debian_linux; enterprise_linux_server; enterprise_linux_workstation; enterprise_linux_server_tus; enterprise_linux_desktop; enterprise_linux_server_aus; enterprise_linux_eus; n/a; Ghostscript
CWE ID: CWE-843 (Access of Resource Using Incompatible Type ('Type Confusion'))

CVE-2017-7975
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.35% / 57.72%
7 Day CHG: ~0.00%
Published: 19 Apr, 2017 | 16:00
Updated: 13 May, 2026 | 00:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code.

Action: Not Available
Vendor: n/a; Artifex Software Inc.
Product: jbig2dec; n/a
CWE ID: CWE-190 (Integer Overflow or Wraparound)

CVE-2017-7264
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 5.3 | MEDIUM
EPSS: 0.19% / 41.21%
7 Day CHG: ~0.00%
Published: 26 Mar, 2017 | 05:47
Updated: 13 May, 2026 | 00:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.

Action: Not Available
Vendor: n/a; Artifex Software Inc.
Product: mupdf; n/a
CWE ID: CWE-416 (Use After Free)

CVE-2017-6196
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.35% / 57.82%
7 Day CHG: ~0.00%
Published: 24 Feb, 2017 | 04:23
Updated: 13 May, 2026 | 00:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Multiple use-after-free vulnerabilities in the gx_image_enum_begin function in base/gxipixel.c in Ghostscript before ecceafe3abba2714ef9b432035fe0739d9b1a283 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PostScript document.

Action: Not Available
Vendor: n/a; Artifex Software Inc.
Product: afpl_ghostscript; n/a
CWE ID: CWE-416 (Use After Free)

CVE-2017-6060
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 2.56% / 85.80%
7 Day CHG: ~0.00%
Published: 15 Mar, 2017 | 14:00
Updated: 13 May, 2026 | 00:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image.

Action: Not Available
Vendor: n/a; Debian GNU/Linux; Artifex Software Inc.
Product: debian_linux; mupdf; n/a
CWE ID: CWE-787 (Out-of-bounds Write)

CVE-2017-5627
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.21% / 43.09%
7 Day CHG: ~0.00%
Published: 30 Jan, 2017 | 04:24
Updated: 13 May, 2026 | 00:24
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

An issue was discovered in Artifex Software, Inc. MuJS before 4006739a28367c708dea19aeb19b8a1a9326ce08. The jsR_setproperty function in jsrun.c lacks a check for a negative array length. This leads to an integer overflow in the js_pushstring function in jsrun.c when parsing a specially crafted JS file.

Action: Not Available
Vendor: n/a; Artifex Software Inc.
Product: mujs; n/a
CWE ID: CWE-190 (Integer Overflow or Wraparound)

CVE-2020-24343
Matching Score: 8
Assigner: MITRE Corporation
CVSS Score: 7.8 | HIGH
EPSS: 0.18% / 39.74%
7 Day CHG: ~0.00%
Published: 13 Aug, 2020 | 18:54
Updated: 04 Aug, 2024 | 15:12
Rejected: Not Available
Known To Be Used In Ransomware Campaigns?: Not Available
KEV Added: Not Available
KEV Action Due Date: Not Available

Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c.

Action: Not Available
Vendor: n/a; Artifex Software Inc.
Product: mujs; n/a
CWE ID: CWE-416 (Use After Free)