CVE-2012-4405

🗓️ 18 Sep 2012 17:55:07Reported by [email protected]Type

Multiple integer underflows in icmLut_allocate function in ICC Format library allow remote attackers to cause denial of service and possible code execution via crafted PostScript or PDF file with embedded images, triggering heap-based buffer overflow

Reporter	Title	Published	Views	Family All 67
Amazon	Medium: ghostscript	22 Sep 201200:00	–	amazon
Tenable Nessus	Amazon Linux AMI : ghostscript (ALAS-2012-127)	4 Sep 201300:00	–	nessus
Tenable Nessus	CentOS 5 / 6 : ghostscript (CESA-2012:1256)	12 Sep 201200:00	–	nessus
Tenable Nessus	Debian DSA-2595-1 : ghostscript - integer overflow	31 Dec 201200:00	–	nessus
Tenable Nessus	Fedora 16 : ghostscript-9.05-2.fc16 (2012-13839)	29 Sep 201200:00	–	nessus
Tenable Nessus	Fedora 17 : ghostscript-9.05-4.fc17 (2012-13846)	29 Sep 201200:00	–	nessus
Tenable Nessus	GLSA-201402-29 : ArgyllCMS: User-assisted execution of arbitrary code	2 Mar 201400:00	–	nessus
Tenable Nessus	GLSA-201412-17 : GPL Ghostscript: Multiple vulnerabilities	15 Dec 201400:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : ghostscript (MDVSA-2012:151-1)	6 Oct 201200:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : icclib (MDVSA-2013:089)	20 Apr 201300:00	–	nessus

NVD

Node

argyllcms cmsMatch-

color icclibMatch-

ghostscript ghostscriptMatch9.06

Source	Link
wiki	www.wiki.mageia.org/en/Support/Advisories/MGASA-2012-0301
mandriva	www.mandriva.com/security/advisories
openwall	www.openwall.com/lists/oss-security/2012/09/11/2
securityfocus	www.securityfocus.com/bid/55494
mandriva	www.mandriva.com/security/advisories
rhn	www.rhn.redhat.com/errata/RHSA-2012-1256.html
ubuntu	www.ubuntu.com/usn/USN-1581-1
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/78411
mandriva	www.mandriva.com/security/advisories
lists	www.lists.opensuse.org/opensuse-security-announce/2012-09/msg00031.html

29 Apr 2026 01:13Current

7.5High risk

Vulners AI Score7.5

CVSS 26.8

EPSS0.23786

CWE-189