Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-0584

Опубликовано: 23 мар. 2009
Источник: nvd
CVSS2: 9.3
EPSS Низкий

Описание

icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:argyllcms:cms:*:*:*:*:*:*:*:*
Версия до 1.0.3 (включая)
cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*
Версия до 8.64 (включая)
cpe:2.3:a:ghostscript:ghostscript:0:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:5.50:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:7.05:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:7.07:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:8.15.2:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:8.54:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:8.56:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:8.57:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:8.60:*:*:*:*:*:*:*
cpe:2.3:a:ghostscript:ghostscript:8.61:*:*:*:*:*:*:*

EPSS

Процентиль: 92%
0.08952
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-189

Связанные уязвимости

ubuntu логотип

CVE-2009-0584

ubuntu
около 16 лет назад

icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.

redhat логотип

CVE-2009-0584

redhat
больше 16 лет назад

icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.

debian логотип

CVE-2009-0584

debian
около 16 лет назад

icc.c in the International Color Consortium (ICC) Format library (aka ...

github логотип

GHSA-3cwm-mjh6-3hwq

github
около 3 лет назад

icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.

oracle-oval логотип

ELSA-2009-0345

oracle-oval
больше 16 лет назад

ELSA-2009-0345: ghostscript security update (MODERATE)

EPSS

Процентиль: 92%
0.08952
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-189