Debian Ghostscript vulnerabilities
168 known vulnerabilities affecting debian/ghostscript.
Total CVEs: 168
CISA KEV: 1 actively exploited
Public exploits: 7
Exploited in wild: 2
Severity breakdown: CRITICAL 16, HIGH 59, MEDIUM 65, LOW 28
Vulnerabilities
CVE-2009-3720 | LOW | CVSS 5.0 | fixed in audacity 1.3.2-1 (bookworm) | 2009
CVE-2009-3720 [MEDIUM] CVE-2009-3720: audacity - The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as ...
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.
Scope: local
bookwor
debian
CVE-2009-3560 | LOW | CVSS 5.0 | fixed in audacity 1.3.2-1 (bookworm) | 2009
CVE-2009-3560 [MEDIUM] CVE-2009-3560: audacity - The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in ...
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-20
debian
CVE-2008-3522 | MEDIUM | CVSS 10.0 | fixed in ghostscript 8.64~dfsg-2 (bookworm) | 2008
CVE-2008-3522 [CRITICAL] CVE-2008-3522: ghostscript - Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c...
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
Scope: local
bookworm: resolved (fixed in 8.64~dfsg-2)
bullseye: resolved (fixed in 8.64~dfsg-2)
forky: resolved (fixed in 8.64~
debian
CVE-2008-0411 | MEDIUM | CVSS 6.8 | PoC | fixed in ghostscript 8.61.dfsg.1-1.1 (bookworm) | 2008
CVE-2008-0411 [MEDIUM] CVE-2008-0411: ghostscript - Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscrip...
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
Scope: local
bookworm: resolved (fixed in 8.61.dfsg.1-1.1)
bullseye: resolved (fixed in 8.61.dfsg.1-1.1)
forky: resolved (fixed i
debian
CVE-2008-6679 | MEDIUM | CVSS 5.0 | fixed in ghostscript 8.64~dfsg-1 (bookworm) | 2008
CVE-2008-6679 [MEDIUM] CVE-2008-6679: ghostscript - Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly ...
Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service (ps2pdf crash) and possibly execute arbitrary code via a crafted Postscript file.
Scope: local
bookworm: resolved (fixed in 8.64~dfsg-1)
bullseye: resolved (fixed in 8.64~dfsg-1)
forky: resolved (fixed in 8.64~dfsg-
debian
CVE-2008-3520 | LOW | CVSS 9.3 | fixed in ghostscript 8.64~dfsg-2 (bookworm) | 2008
CVE-2008-3520 [CRITICAL] CVE-2008-3520: ghostscript - Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attac...
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.
Scope: local
bookworm: resolved (fixed in 8.64~dfsg-2)
bullseye: resolved (fixed in 8.64~dfsg-2)
forky: resolved (fixed in 8.64~dfsg-2)
sid: resolved (fixed in 8.64~dfs
debian
CVE-2007-6725 | MEDIUM | CVSS 7.5 | fixed in ghostscript 8.63.dfsg.1-1 (bookworm) | 2007
CVE-2007-6725 [HIGH] CVE-2007-6725: ghostscript - The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versi...
The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_decode_2d function.
Scope: local
bookworm: resolved (fixed in 8.63.dfsg.1-1)
bullseye: resolved (fixed in 8.63.dfsg.1-
debian
CVE-2007-2721 | MEDIUM | CVSS 4.3 | fixed in ghostscript 8.61.dfsg.1~svn8187-1.1 (bookworm) | 2007
CVE-2007-2721 [MEDIUM] CVE-2007-2721: ghostscript - The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 libra...
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert.
Scope: local
bookworm: resolved (fixed in 8.61.dfsg.1~svn8187-1.1)
bul
debian