Showing 1 - 8 of 8

CVE-2009-0583

Status Candidate

Overview

Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.

Related Files

Mandriva Linux Security Advisory 2009-311: Posted Dec 4, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-311 - Multiple security vulnerabilities has been identified and fixed in ghostscript.; tags | advisory, vulnerability; systems | linux, mandriva; advisories | CVE-2007-6725, CVE-2008-3520, CVE-2008-3522, CVE-2008-6679, CVE-2009-0196, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792; SHA-256 | 7d620b4793a61a790bea974d9d2e7ae93d719f604dcaef5d8714471748e8c774; Download | Favorite | View

Mandriva Linux Security Advisory 2009-096: Posted Apr 28, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-096 - Multiple overflows in relation to the Ghostscript code base also affect the printer-drivers package. The previous update went with a wrong require version of perl-base in the foomatic-db-engine package. It is fixed on this update.; tags | advisory, overflow, perl; systems | linux, mandriva; advisories | CVE-2007-6725, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792; SHA-256 | 10427fbc3d79e97597b7b3890a3f548ff78e24c923d7d9a2fe2d3811d36b02b7; Download | Favorite | View

Mandriva Linux Security Advisory 2009-096: Posted Apr 28, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-096 - Multiple overflows in relation to the Ghostscript code base also affect the printer-drivers package.; tags | advisory, overflow; systems | linux, mandriva; advisories | CVE-2007-6725, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792; SHA-256 | 677058db25c0fed629e439629bdf05e520dd5f4a75292cd812374bfc7248e98f; Download | Favorite | View

Mandriva Linux Security Advisory 2009-095: Posted Apr 28, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-095 - Multiple buffer, heap and integer overflows have been discovered in various parts of the Ghostscript package.; tags | advisory, overflow; systems | linux, mandriva; advisories | CVE-2007-6725, CVE-2008-6679, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792, CVE-2009-0196; SHA-256 | 930dec0646ef31085feae7d0653b330c99bfc8422de55b11261c27919fa265cd; Download | Favorite | View

Ubuntu Security Notice 757-1: Posted Apr 15, 2009; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice USN-757-1 - Multiple vulnerabilities have been discovered in Ghostscript including a buffer underflow, denial of service, and code execution issues.; tags | advisory, denial of service, vulnerability, code execution; systems | linux, ubuntu; advisories | CVE-2007-6725, CVE-2008-6679, CVE-2009-0196, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792; SHA-256 | 81628368b5aa45c28e702d4a6611558e09155398789324be0033f0f2ca44655c; Download | Favorite | View

Gentoo Linux Security Advisory 200903-37: Posted Mar 24, 2009; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200903-37 - Multiple integer overflows in the Ghostscript ICC library might allow for user-assisted execution of arbitrary code. Versions less than 8.64-r2 are affected.; tags | advisory, overflow, arbitrary; systems | linux, gentoo; advisories | CVE-2009-0583, CVE-2009-0584; SHA-256 | cdbb6fb9ae2497f8d4a6847519da1f8a5a735784470eae42797ef132129e0601; Download | Favorite | View

Ubuntu Security Notice 743-1: Posted Mar 24, 2009; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice USN-743-1 - It was discovered that Ghostscript contained multiple integer overflows in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. It was discovered that Ghostscript did not properly perform bounds checking in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.; tags | advisory, denial of service, overflow, arbitrary; systems | linux, ubuntu; advisories | CVE-2009-0583, CVE-2009-0584; SHA-256 | 5a6272e143ce5e3d91dad5b5c7bb53fc6d010f96fe27c7f549e6112ed08f3ea7; Download | Favorite | View

Debian Linux Security Advisory 1746-1: Posted Mar 24, 2009; Authored by Debian | Site debian.org; Debian Security Advisory 1746-1 - Two security issues have been discovered in ghostscript, the GPL Ghostscript PostScript/PDF interpreter.; tags | advisory; systems | linux, debian; advisories | CVE-2009-0583, CVE-2009-0584; SHA-256 | 46dd0fd73400abfd333fa0c67a2ca8f959082f0a57d41b19ce6ccb1ac2d60b99; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 240 files
indoushka 173 files
Jay Turla 150 files
Ubuntu 78 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,123)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,209)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,823)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,848)
UNIX (9,455)
UnixWare (188)
Windows (6,772)
Other

CVE-2009-0583

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems