Showing 1 - 8 of 8

CVE-2009-0584

Status Candidate

Overview

icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.

Related Files

Mandriva Linux Security Advisory 2009-311: Posted Dec 4, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-311 - Multiple security vulnerabilities has been identified and fixed in ghostscript.; tags | advisory, vulnerability; systems | linux, mandriva; advisories | CVE-2007-6725, CVE-2008-3520, CVE-2008-3522, CVE-2008-6679, CVE-2009-0196, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792; SHA-256 | 7d620b4793a61a790bea974d9d2e7ae93d719f604dcaef5d8714471748e8c774; Download | Favorite | View

Mandriva Linux Security Advisory 2009-096: Posted Apr 28, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-096 - Multiple overflows in relation to the Ghostscript code base also affect the printer-drivers package. The previous update went with a wrong require version of perl-base in the foomatic-db-engine package. It is fixed on this update.; tags | advisory, overflow, perl; systems | linux, mandriva; advisories | CVE-2007-6725, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792; SHA-256 | 10427fbc3d79e97597b7b3890a3f548ff78e24c923d7d9a2fe2d3811d36b02b7; Download | Favorite | View

Mandriva Linux Security Advisory 2009-096: Posted Apr 28, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-096 - Multiple overflows in relation to the Ghostscript code base also affect the printer-drivers package.; tags | advisory, overflow; systems | linux, mandriva; advisories | CVE-2007-6725, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792; SHA-256 | 677058db25c0fed629e439629bdf05e520dd5f4a75292cd812374bfc7248e98f; Download | Favorite | View

Mandriva Linux Security Advisory 2009-095: Posted Apr 28, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-095 - Multiple buffer, heap and integer overflows have been discovered in various parts of the Ghostscript package.; tags | advisory, overflow; systems | linux, mandriva; advisories | CVE-2007-6725, CVE-2008-6679, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792, CVE-2009-0196; SHA-256 | 930dec0646ef31085feae7d0653b330c99bfc8422de55b11261c27919fa265cd; Download | Favorite | View

Ubuntu Security Notice 757-1: Posted Apr 15, 2009; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice USN-757-1 - Multiple vulnerabilities have been discovered in Ghostscript including a buffer underflow, denial of service, and code execution issues.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, ubuntu; advisories | CVE-2007-6725, CVE-2008-6679, CVE-2009-0196, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792; SHA-256 | 81628368b5aa45c28e702d4a6611558e09155398789324be0033f0f2ca44655c; Download | Favorite | View

Gentoo Linux Security Advisory 200903-37: Posted Mar 24, 2009; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200903-37 - Multiple integer overflows in the Ghostscript ICC library might allow for user-assisted execution of arbitrary code. Versions less than 8.64-r2 are affected.; tags | advisory, overflow, arbitrary; systems | linux, gentoo; advisories | CVE-2009-0583, CVE-2009-0584; SHA-256 | cdbb6fb9ae2497f8d4a6847519da1f8a5a735784470eae42797ef132129e0601; Download | Favorite | View

Ubuntu Security Notice 743-1: Posted Mar 24, 2009; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice USN-743-1 - It was discovered that Ghostscript contained multiple integer overflows in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. It was discovered that Ghostscript did not properly perform bounds checking in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.; tags | advisory, denial of service, overflow, arbitrary; systems | linux, ubuntu; advisories | CVE-2009-0583, CVE-2009-0584; SHA-256 | 5a6272e143ce5e3d91dad5b5c7bb53fc6d010f96fe27c7f549e6112ed08f3ea7; Download | Favorite | View

Debian Linux Security Advisory 1746-1: Posted Mar 24, 2009; Authored by Debian | Site debian.org; Debian Security Advisory 1746-1 - Two security issues have been discovered in ghostscript, the GPL Ghostscript PostScript/PDF interpreter.; tags | advisory; systems | linux, debian; advisories | CVE-2009-0583, CVE-2009-0584; SHA-256 | 46dd0fd73400abfd333fa0c67a2ca8f959082f0a57d41b19ce6ccb1ac2d60b99; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 219 files
Ubuntu 55 files
LiquidWorm 20 files
Debian 18 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2009-0584

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems