QwikSec

Security Database

CVE

CWE

Training

CVE-2009-0583

Published: Mar 23, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SECUNIA

SUSE-SR:2009:007

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

http://support.avaya.com/elmodocs2/security/ASA-2009-098.htm

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

vdb-entry

x_refsource_SECTRACK

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

FEDORA-2009-3031

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_DEBIAN

third-party-advisory

x_refsource_AUSCERT

vdb-entry

x_refsource_VUPEN

FEDORA-2009-2885

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_SUNALERT

FEDORA-2009-3011

vendor-advisory

x_refsource_FEDORA

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050

x_refsource_CONFIRM

https://issues.rpath.com/browse/RPL-2991

x_refsource_CONFIRM

oval:org.mitre.oval:def:10795

vdb-entry

signature

x_refsource_OVAL

vendor-advisory

x_refsource_MANDRIVA

vdb-entry

x_refsource_VUPEN

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_VUPEN

https://bugzilla.redhat.com/show_bug.cgi?id=487742

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_MANDRIVA

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_UBUNTU

http://bugs.gentoo.org/show_bug.cgi?id=261087

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

FEDORA-2009-2883

vendor-advisory

x_refsource_FEDORA

vdb-entry

x_refsource_VUPEN

ghostscript-icclib-native-color-bo(49329)

vdb-entry

x_refsource_XF

20090319 rPSA-2009-0050-1 ghostscript

mailing-list

x_refsource_BUGTRAQ

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.