Marc Schoenefeld discovered a buffer overflow in Netpbm when loading certain images. If a user or automated system were tricked into opening a specially crafted XPM image, a remote attacker could crash Netpbm. The default compiler options for affected releases should reduce the vulnerability to a denial of service.
It was discovered that JasPer did not correctly handle memory allocation when parsing certain malformed JPEG2000 images. If a user were tricked into opening a specially crafted image with an application that uses libjasper, an attacker could cause a denial of service and possibly execute arbitrary code with the user"s privileges. It was discovered that JasPer created temporary files in an insecur ...
ghostscript: The GPL Ghostscript PostScript/PDF interpreter Ghostscript could be made to crash or run programs as your login if it opened a specially crafted file.
ghostscript: PostScript and PDF interpreter Details: USN-2434-1 fixed a vulnerability in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. Original advisory Ghostscript could be made to crash or run programs as your login if it opened a specially crafted file.
ghostscript: PostScript and PDF interpreter Details: USN-2483-1 fixed vulnerabilities in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. Original advisory Ghostscript could be made to crash or run programs as your login if it opened a specially crafted file.