CVE-2009-0583

N/A Unknown
Published: March 23, 2009 Modified: April 23, 2026

Description

Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.

References to Advisories, Solutions, and Tools

http://secunia.com/advisories/34266
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34373
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34381
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34393
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34398
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34418
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34437
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34443
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34469
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/34729
Source: secalert@redhat.com
http://secunia.com/advisories/35559
Source: secalert@redhat.com
http://secunia.com/advisories/35569
Source: secalert@redhat.com
http://securitytracker.com/id?1021868
Source: secalert@redhat.com
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050
Source: secalert@redhat.com
Vendor Advisory
http://www.auscert.org.au/render.html?it=10666
Source: secalert@redhat.com
US Government Resource
http://www.debian.org/security/2009/dsa-1746
Source: secalert@redhat.com
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2009-0345.html
Source: secalert@redhat.com
Vendor Advisory
http://www.securityfocus.com/bid/34184
Source: secalert@redhat.com
http://www.ubuntu.com/usn/USN-743-1
Source: secalert@redhat.com
http://www.vupen.com/english/advisories/2009/0776
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/0777
Source: secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2009/0816
Source: secalert@redhat.com
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=487742
Source: secalert@redhat.com
Vendor Advisory
https://issues.rpath.com/browse/RPL-2991
Source: secalert@redhat.com
https://usn.ubuntu.com/757-1/
Source: secalert@redhat.com
http://bugs.gentoo.org/show_bug.cgi?id=261087
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/34266
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34373
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34381
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34393
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34398
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34418
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34437
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34443
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34469
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/34729
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/35559
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/35569
Source: af854a3a-2127-422b-91ae-364da2661108
http://securitytracker.com/id?1021868
Source: af854a3a-2127-422b-91ae-364da2661108
http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.avaya.com/elmodocs2/security/ASA-2009-098.htm
Source: af854a3a-2127-422b-91ae-364da2661108
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.auscert.org.au/render.html?it=10666
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.debian.org/security/2009/dsa-1746
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200903-37.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2009:095
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2009:096
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.redhat.com/support/errata/RHSA-2009-0345.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/archive/1/501994/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/34184
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-743-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/0776
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2009/0777
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2009/0816
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2009/1708
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=487742
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/49329
Source: af854a3a-2127-422b-91ae-364da2661108
https://issues.rpath.com/browse/RPL-2991
Source: af854a3a-2127-422b-91ae-364da2661108
https://usn.ubuntu.com/757-1/
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00770.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00772.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

80 reference(s) from NVD

Quick Stats

CVSS v3 Score: N/A / 10.0
EPSS (Exploit Probability): 4.6% (89th percentile)
Exploitation Status: Not in CISA KEV

Weaknesses (CWE)

Affected Vendors

ghostscript, argyllcms