icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2009-03-23T19:26:00
Updated: 2024-08-07T04:40:05.107Z
Reserved: 2009-02-13T00:00:00
Link: CVE-2009-0584
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-03-23T20:00:00.377
Modified: 2024-11-21T01:00:24.630
Link: CVE-2009-0584
Redhat