GCVE - cpe:2.3:a:artifex:afpl_ghostscript:8.00:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:artifex:afpl_ghostscript:8.00:*:*:*:*:*:*:*

part: a version: 8.00 update: *

Vendor	Artifex (`0075fabc-cec9-5063-a004-04a5c9db1a9b`)
Product	Afpl Ghostscript (`d619a0ed-5f7c-5933-b8e2-105c76bb734d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/artifexsoftware/ghostpdl`	purl2cpe	2026-06-01 10:15:00.009901

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2010-4054`	vulnerable	2026-06-03 14:30:35.016063	Details available The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) via crafted font data in a compressed data stream, aka bug 691043. Published: 2010-10-22T22:00:00.000Z Updated: 2024-08-07T03:34:37.193Z Open on db.gcve.eu Reference links https://rhn.redhat.com/errata/RHSA-2012-0095.html http://security.gentoo.org/glsa/glsa-201412-17.xml http://rhn.redhat.com/errata/RHSA-2012-0096.html http://www.kb.cert.org/vuls/id/538191 http://ghostscript.com/pipermail/gs-cvs/2010-January/010333.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2010-2055`	vulnerable	2026-06-03 14:30:17.834665	Details available Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, as demonstrated using gs_init.ps, a different vulnerability than CVE-2010-4820. Published: 2010-07-22T01:00:00.000Z Updated: 2024-08-07T02:17:14.441Z Open on db.gcve.eu Reference links http://www.osvdb.org/66247 http://secunia.com/advisories/40532 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583183 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=583316 http://www.securityfocus.com/archive/1/511476	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-4897`	vulnerable	2026-06-03 14:29:59.636204	Details available Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name. Published: 2010-07-22T01:00:00.000Z Updated: 2024-08-07T07:17:26.149Z Open on db.gcve.eu Reference links http://security.gentoo.org/glsa/glsa-201412-17.xml http://www.mandriva.com/security/advisories?name=MDVSA-2010:134 http://www.osvdb.org/66277 https://exchange.xforce.ibmcloud.com/vulnerabilities/60380 http://www.ubuntu.com/usn/USN-961-1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2009-3743`	vulnerable	2026-06-03 14:29:53.235322	Details available Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed TrueType font in a document that trigger an integer overflow and a heap-based buffer overflow. Published: 2010-08-26T20:00:00.000Z Updated: 2024-08-07T06:38:30.343Z Open on db.gcve.eu Reference links https://rhn.redhat.com/errata/RHSA-2012-0095.html http://security.gentoo.org/glsa/glsa-201412-17.xml http://www.securitytracker.com/id?1024785 http://www.securityfocus.com/archive/1/514892/100/0/threaded http://www.kb.cert.org/vuls/id/JALR-87YGN8	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.