Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2012-4405
Modified
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-18 Sep, 2012 | 17:55
Updated At-29 Apr, 2026 | 01:13

Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.8MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 6.8
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
argyllcms
argyllcms
>>cms>>-
cpe:2.3:a:argyllcms:cms:-:*:*:*:*:*:*:*
International Color Consortium (ICC)
color
>>icclib>>-
cpe:2.3:a:color:icclib:-:*:*:*:*:*:*:*
Ghostscript (Artifex Software, Inc.)
ghostscript
>>ghostscript>>9.06
cpe:2.3:a:ghostscript:ghostscript:9.06:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-189Primarynvd@nist.gov
CWE ID: CWE-189
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00031.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00001.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-updates/2012-10/msg00015.htmlsecalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2012-1256.htmlsecalert@redhat.com
N/A
http://secunia.com/advisories/50719secalert@redhat.com
N/A
http://security.gentoo.org/glsa/glsa-201412-17.xmlsecalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2012:151secalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:089secalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:090secalert@redhat.com
N/A
http://www.openwall.com/lists/oss-security/2012/09/11/2secalert@redhat.com
N/A
http://www.securityfocus.com/bid/55494secalert@redhat.com
N/A
http://www.securitytracker.com/id?1027517secalert@redhat.com
N/A
http://www.ubuntu.com/usn/USN-1581-1secalert@redhat.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/78411secalert@redhat.com
N/A
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0301secalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00031.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00001.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-updates/2012-10/msg00015.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2012-1256.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/50719af854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-201412-17.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2012:151af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:089af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:090af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2012/09/11/2af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/55494af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id?1027517af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-1581-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/78411af854a3a-2127-422b-91ae-364da2661108
N/A
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0301af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00031.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00001.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-10/msg00015.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1256.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/50719
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201412-17.xml
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2012:151
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:089
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:090
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2012/09/11/2
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/55494
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1027517
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1581-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/78411
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0301
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00031.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-updates/2012-10/msg00015.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1256.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/50719
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-201412-17.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2012:151
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:089
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:090
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2012/09/11/2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/55494
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1027517
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1581-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/78411
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0301
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found