Debian Security Bug TrackerDEBIANCVE:CVE-2009-0584CVE-2009-0584
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.008 Low
EPSS
Percentile
81.9%
icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | argyll | <Β 1.0.3-2 | argyll_1.0.3-2_all.deb |
| Debian | 11 | all | argyll | <Β 1.0.3-2 | argyll_1.0.3-2_all.deb |
| Debian | 10 | all | argyll | <Β 1.0.3-2 | argyll_1.0.3-2_all.deb |
| Debian | 999 | all | argyll | <Β 1.0.3-2 | argyll_1.0.3-2_all.deb |
| Debian | 13 | all | argyll | <Β 1.0.3-2 | argyll_1.0.3-2_all.deb |
| Debian | 12 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
| Debian | 11 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
| Debian | 10 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
| Debian | 999 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
| Debian | 13 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
Related
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.008 Low
EPSS
Percentile
81.9%