Aladdin Enterprises Ghostscript — known CVE vulnerabilities
Every CVE whose affected-product data names Aladdin Enterprises Ghostscript, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-1999-0155 — CVSS 7.5 (high): The ghostscript command with the -dSAFER option allows remote attackers to execute commands.
CVE-2002-0363 — CVSS 7.5 (high): ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice.
CVE-2004-0967 — CVSS 7.2 (high): The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5…
CVE-2000-1163 — CVSS 4.6 (medium): ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow…
CVE-2000-1162 — CVSS 3.7 (low): ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink attack.
CVE-2001-1353 — CVSS 2.6 (low): ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER…