English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2009-0792
Description:Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. NOTE: this issue exists because of an incomplete fix for CVE-2009-0583.
Test IDs: 1.3.6.1.4.1.25623.1.0.63836   1.3.6.1.4.1.25623.1.0.122495   1.3.6.1.4.1.25623.1.0.63835  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-0792
20090417 rPSA-2009-0060-1 ghostscript
http://www.securityfocus.com/archive/1/502757/100/0/threaded
262288
http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1
34373
http://secunia.com/advisories/34373
34667
http://secunia.com/advisories/34667
34711
http://secunia.com/advisories/34711
34726
http://secunia.com/advisories/34726
34729
http://secunia.com/advisories/34729
34732
http://secunia.com/advisories/34732
35416
http://secunia.com/advisories/35416
35559
http://secunia.com/advisories/35559
35569
http://secunia.com/advisories/35569
ADV-2009-1708
http://www.vupen.com/english/advisories/2009/1708
FEDORA-2009-3430
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00211.html
FEDORA-2009-3435
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00217.html
FEDORA-2009-3709
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00460.html
FEDORA-2009-3710
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00461.html
GLSA-201412-17
http://security.gentoo.org/glsa/glsa-201412-17.xml
MDVSA-2009:095
http://www.mandriva.com/security/advisories?name=MDVSA-2009:095
MDVSA-2009:096
http://www.mandriva.com/security/advisories?name=MDVSA-2009:096
RHSA-2009:0420
http://www.redhat.com/support/errata/RHSA-2009-0420.html
RHSA-2009:0421
http://www.redhat.com/support/errata/RHSA-2009-0421.html
SUSE-SR:2009:009
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
SUSE-SR:2009:011
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
USN-757-1
https://usn.ubuntu.com/757-1/
ghostscript-icc-bo(50381)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50381
http://support.avaya.com/elmodocs2/security/ASA-2009-155.htm
http://support.avaya.com/elmodocs2/security/ASA-2009-155.htm
http://wiki.rpath.com/Advisories:rPSA-2009-0060
http://wiki.rpath.com/Advisories:rPSA-2009-0060
https://bugzilla.redhat.com/show_bug.cgi?id=491853
https://bugzilla.redhat.com/show_bug.cgi?id=491853
oval:org.mitre.oval:def:11207
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11207



© 1998-2025 E-Soft Inc. All rights reserved.