Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2009-0584
Modified
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-23 Mar, 2009 | 20:00
Updated At-10 Oct, 2018 | 19:29

icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
argyllcms
argyllcms
>>cms>>Versions up to 1.0.3(inclusive)
cpe:2.3:a:argyllcms:cms:*:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>Versions up to 8.64(inclusive)
cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>0
cpe:2.3:a:ghostscript:ghostscript:0:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>5.50
cpe:2.3:a:ghostscript:ghostscript:5.50:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>7.05
cpe:2.3:a:ghostscript:ghostscript:7.05:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>7.07
cpe:2.3:a:ghostscript:ghostscript:7.07:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>8.0.1
cpe:2.3:a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>8.15
cpe:2.3:a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>8.15.2
cpe:2.3:a:ghostscript:ghostscript:8.15.2:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>8.54
cpe:2.3:a:ghostscript:ghostscript:8.54:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>8.56
cpe:2.3:a:ghostscript:ghostscript:8.56:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>8.57
cpe:2.3:a:ghostscript:ghostscript:8.57:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>8.60
cpe:2.3:a:ghostscript:ghostscript:8.60:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>8.61
cpe:2.3:a:ghostscript:ghostscript:8.61:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-189Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugs.gentoo.org/show_bug.cgi?id=261087secalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.htmlsecalert@redhat.com
N/A
http://osvdb.org/52988secalert@redhat.com
N/A
http://secunia.com/advisories/34266secalert@redhat.com
N/A
http://secunia.com/advisories/34373secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34381secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34393secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34398secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34418secalert@redhat.com
N/A
http://secunia.com/advisories/34437secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34443secalert@redhat.com
N/A
http://secunia.com/advisories/34469secalert@redhat.com
N/A
http://secunia.com/advisories/34729secalert@redhat.com
N/A
http://secunia.com/advisories/35559secalert@redhat.com
N/A
http://secunia.com/advisories/35569secalert@redhat.com
N/A
http://securitytracker.com/id?1021868secalert@redhat.com
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1secalert@redhat.com
N/A
http://support.avaya.com/elmodocs2/security/ASA-2009-098.htmsecalert@redhat.com
N/A
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050secalert@redhat.com
N/A
http://www.auscert.org.au/render.html?it=10666secalert@redhat.com
US Government Resource
http://www.debian.org/security/2009/dsa-1746secalert@redhat.com
N/A
http://www.gentoo.org/security/en/glsa/glsa-200903-37.xmlsecalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2009:095secalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2009:096secalert@redhat.com
N/A
http://www.redhat.com/support/errata/RHSA-2009-0345.htmlsecalert@redhat.com
Vendor Advisory
http://www.securityfocus.com/archive/1/501994/100/0/threadedsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/34184secalert@redhat.com
N/A
http://www.ubuntu.com/usn/USN-743-1secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2009/0776secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/0777secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/0816secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1708secalert@redhat.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=487744secalert@redhat.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/49327secalert@redhat.com
N/A
https://issues.rpath.com/browse/RPL-2991secalert@redhat.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10544secalert@redhat.com
N/A
https://usn.ubuntu.com/757-1/secalert@redhat.com
N/A
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00770.htmlsecalert@redhat.com
Vendor Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00772.htmlsecalert@redhat.com
Vendor Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00887.htmlsecalert@redhat.com
N/A
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00916.htmlsecalert@redhat.com
N/A
Change History
0Changes found
Details not found