what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2009-0792

Status Candidate

Overview

Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. NOTE: this issue exists because of an incomplete fix for CVE-2009-0583.

Related Files

Gentoo Linux Security Advisory 201412-17
Posted Dec 15, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-17 - Multiple vulnerabilities have been found in GPL Ghostscript, the worst of which may allow execution of arbitrary code. Versions prior to 9.10-r2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-0196, CVE-2009-0792, CVE-2009-3743, CVE-2009-4270, CVE-2009-4897, CVE-2010-1628, CVE-2010-2055, CVE-2010-4054, CVE-2012-4405
SHA-256 | 03c0d395cdc0839362a464bc735af98cdf0e7ea963089096f746c47e2abb27c3
Debian Linux Security Advisory 2080-1
Posted Aug 3, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2080-1 - Several security issues have been discovered in Ghostscript, the GPL PostScript/PDF interpreter, which might lead to the execution of arbitrary code if a user processes a malformed PDF or Postscript file.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2007-6725, CVE-2008-3522, CVE-2008-6679, CVE-2009-0196, CVE-2009-0792, CVE-2009-4270, CVE-2010-1869
SHA-256 | e4041acaa31e18f427619f7fda91a9bb056b0d4e044eec876f34876cc862fced
Mandriva Linux Security Advisory 2009-311
Posted Dec 4, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-311 - Multiple security vulnerabilities has been identified and fixed in ghostscript.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2007-6725, CVE-2008-3520, CVE-2008-3522, CVE-2008-6679, CVE-2009-0196, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792
SHA-256 | 7d620b4793a61a790bea974d9d2e7ae93d719f604dcaef5d8714471748e8c774
Mandriva Linux Security Advisory 2009-096
Posted Apr 28, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-096 - Multiple overflows in relation to the Ghostscript code base also affect the printer-drivers package. The previous update went with a wrong require version of perl-base in the foomatic-db-engine package. It is fixed on this update.

tags | advisory, overflow, perl
systems | linux, mandriva
advisories | CVE-2007-6725, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792
SHA-256 | 10427fbc3d79e97597b7b3890a3f548ff78e24c923d7d9a2fe2d3811d36b02b7
Mandriva Linux Security Advisory 2009-096
Posted Apr 28, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-096 - Multiple overflows in relation to the Ghostscript code base also affect the printer-drivers package.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2007-6725, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792
SHA-256 | 677058db25c0fed629e439629bdf05e520dd5f4a75292cd812374bfc7248e98f
Mandriva Linux Security Advisory 2009-095
Posted Apr 28, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-095 - Multiple buffer, heap and integer overflows have been discovered in various parts of the Ghostscript package.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2007-6725, CVE-2008-6679, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792, CVE-2009-0196
SHA-256 | 930dec0646ef31085feae7d0653b330c99bfc8422de55b11261c27919fa265cd
Ubuntu Security Notice 757-1
Posted Apr 15, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-757-1 - Multiple vulnerabilities have been discovered in Ghostscript including a buffer underflow, denial of service, and code execution issues.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, ubuntu
advisories | CVE-2007-6725, CVE-2008-6679, CVE-2009-0196, CVE-2009-0583, CVE-2009-0584, CVE-2009-0792
SHA-256 | 81628368b5aa45c28e702d4a6611558e09155398789324be0033f0f2ca44655c
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close