CVE-2009-0584
Published Mar 23, 2009
Last updated 6 years ago
Overview
- Description
- icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-189
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:argyllcms:cms:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E37C8B4A-24A1-420A-A82F-190B3D343C68",
"versionEndIncluding": "1.0.3"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06B00D31-6A9C-44C2-AF0F-36F91CADCF04",
"versionEndIncluding": "8.64"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E68242D-465A-443F-9D25-BE57F9080394"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:5.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A46BABB2-C49A-4EF4-9FD7-7E80EE7CF55A"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:7.05:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A9ECC8F7-93FD-427D-8395-F1B025CA4322"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:7.07:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E63082C3-15B6-4DD8-8818-BFD61B054B08"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9877DC36-5151-43C9-864D-BE7939A0304D"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F9F0F0A-E413-42CC-B67D-434EC6A92543"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.15.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "491F4BDC-33BD-4EA6-A19B-1066BBC9EBFC"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.54:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DA7298B-2552-45DF-AE6B-FC71ACF623E1"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.56:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "87A234A3-5FF9-4567-A731-3FFCD1965C60"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.57:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2916811-2ABD-4CC4-829B-AE805BA1BC6F"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.60:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B283683-D924-4C69-87F3-355ECC0DBA4B"
},
{
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.61:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "265CBC8B-5EF6-4335-B3EC-FF93A1DF8A9B"
}
],
"operator": "OR"
}
]
}
]