Artifex

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-9216 2Artifex Debian 2Debian Linux Jbig2dec May 13, 2026 May 24, 2017 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fa...Show more libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscript, has a NULL pointer dereference in the jbig2_huffman_get function in jbig2_huffman.c. For example, the jbig2dec utility will crash (segmentation fault) when parsing an invalid file.Show less
CVE-2016-7979 1Artifex 1Ghostscript May 13, 2026 May 23, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently execute arbitrary code by leveraging type confusion in .initialize_dsc_parser.
CVE-2016-7978 1Artifex 1Ghostscript May 13, 2026 May 23, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Use-after-free vulnerability in Ghostscript 9.20 might allow remote attackers to execute arbitrary code via vectors related to a reference leak in .setdevice.
CVE-2016-7977 1Artifex 1Ghostscript May 13, 2026 May 23, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the .libfile operator in a crafted postscript document.
CVE-2017-8908 1Artifex 1Ghostscript May 13, 2026 May 12, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The mark_line_tr function in gxscanc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PostScript document.
CVE-2017-8291 3Artifex DebianRedhat 8Debian Linux Enterprise Linux DesktopEnterprise Linux Eus+5 more Apr 21, 2026 Apr 27, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program...Show more Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile (%pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017.Show less
CVE-2017-7976 1Artifex 1Jbig2dec May 13, 2026 Apr 19, 2017 N/A· v4 7.1 HIGH· v3 5.8 MEDIUM· v2 Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (ap...Show more Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information from process memory.Show less
CVE-2017-7975 1Artifex 1Jbig2dec May 13, 2026 Apr 19, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to...Show more Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code.Show less
CVE-2017-7948 1Artifex 1Ghostscript May 13, 2026 Apr 19, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a cra...Show more Integer overflow in the mark_curve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via a crafted PostScript document.Show less
CVE-2017-7885 1Artifex 1Jbig2dec May 13, 2026 Apr 17, 2017 N/A· v4 7.1 HIGH· v3 5.8 MEDIUM· v2 Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symb...Show more Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file.Show less
CVE-2016-8602 1Artifex 1Ghostscript May 13, 2026 Apr 14, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls...Show more The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.Show less
CVE-2016-10317 1Artifex 1Ghostscript May 13, 2026 Apr 3, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly hav...Show more The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PostScript document.Show less
CVE-2017-5951 1Artifex 1Ghostscript May 13, 2026 Apr 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The mem_get_bits_rectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
CVE-2016-10221 1Artifex 1Mupdf May 13, 2026 Apr 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The count_entries function in pdf-layer.c in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted PDF document.
CVE-2016-10220 1Artifex 1Ghostscript May 13, 2026 Apr 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file t...Show more The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file that is mishandled in the PDF Transparency module.Show less
CVE-2016-10219 1Artifex 1Ghostscript May 13, 2026 Apr 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The intersect function in base/gxfill.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.
CVE-2016-10218 1Artifex 1Ghostscript May 13, 2026 Apr 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and app...Show more The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.Show less
CVE-2016-10217 1Artifex 1Ghostscript May 13, 2026 Apr 3, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in th...Show more The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted file that is mishandled in the color management module.Show less
CVE-2017-7264 1Artifex 1Mupdf May 13, 2026 Mar 26, 2017 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...Show more Use-after-free vulnerability in the fz_subsample_pixmap function in fitz/pixmap.c in Artifex MuPDF 1.10a allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted document.Show less
CVE-2016-10133 1Artifex 1Mujs May 13, 2026 Mar 24, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functi...Show more Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions.Show less

Previous 1...9 101112 13 Next