Home > Vulnerability Database > CVE-2009-0584

Mend.io Vulnerability Database

CVE-2009-0584

Good to know:

Date: March 23, 2009

icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.

Language: C

Severity Score

8.1

Related Resources (44)

Url: http://secunia.com/advisories/35569

Url: http://secunia.com/advisories/34437

Url: http://secunia.com/advisories/34418

Url: http://secunia.com/advisories/34393

Url: http://www.ubuntu.com/usn/USN-743-1

Url: https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00772.html

Url: http://secunia.com/advisories/34373

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/49327

Url: https://issues.rpath.com/browse/RPL-2991

Url: http://bugs.gentoo.org/show_bug.cgi?id=261087

Url: https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00916.html

Url: http://secunia.com/advisories/34398

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-0584

Url: http://www.securityfocus.com/bid/34184

Url: https://access.redhat.com/security/cve/CVE-2009-0584

Url: http://www.redhat.com/support/errata/RHSA-2009-0345.html

Url: http://www.vupen.com/english/advisories/2009/1708

Url: http://support.avaya.com/elmodocs2/security/ASA-2009-098.htm

Url: http://secunia.com/advisories/34381

Url: http://www.securityfocus.com/archive/1/501994/100/0/threaded

Url: http://securitytracker.com/id?1021868

Url: http://www.vupen.com/english/advisories/2009/0777

Url: http://www.vupen.com/english/advisories/2009/0776

Url: http://www.vupen.com/english/advisories/2009/0816

Url: http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2009:096

Url: http://www.auscert.org.au/render.html?it=10666

Url: http://secunia.com/advisories/34469

Url: http://secunia.com/advisories/35559

Url: https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00770.html

Url: http://www.gentoo.org/security/en/glsa/glsa-200903-37.xml

Url: http://www.debian.org/security/2009/dsa-1746

Url: https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00887.html

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2009:095

Url: http://secunia.com/advisories/34266

Url: http://secunia.com/advisories/34443

Url: https://bugzilla.redhat.com/show_bug.cgi?id=487744

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1

Url: http://secunia.com/advisories/34729

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10544

Url: http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html

Url: http://osvdb.org/52988

Url: https://usn.ubuntu.com/757-1/

Url: https://www.mend.io/vulnerability-database/CVE-2009-0584

Severity Score

8.1

Weakness Type (CWE)

Numeric Errors

CWE-189

Top Fix

Upgrade Version

Upgrade to version ghostpdl-8.70

Learn More

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2009-0584

Good to know:

Date: March 23, 2009

Language: C

Severity Score

Related Resources (44)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?