9.3
CVE-2009-0584
- EPSS 8.95%
- Veröffentlicht 23.03.2009 20:00:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Loginicc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ghostscript ≫ Ghostscript Version <= 8.64
Ghostscript ≫ Ghostscript Version0
Ghostscript ≫ Ghostscript Version5.50
Ghostscript ≫ Ghostscript Version7.05
Ghostscript ≫ Ghostscript Version7.07
Ghostscript ≫ Ghostscript Version8.0.1
Ghostscript ≫ Ghostscript Version8.15
Ghostscript ≫ Ghostscript Version8.15.2
Ghostscript ≫ Ghostscript Version8.54
Ghostscript ≫ Ghostscript Version8.56
Ghostscript ≫ Ghostscript Version8.57
Ghostscript ≫ Ghostscript Version8.60
Ghostscript ≫ Ghostscript Version8.61
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 8.95% | 0.918 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|