Bug 487742 - (CVE-2009-0583) CVE-2009-0583 ghostscript, argyllcms: Multiple integer overflows in the International Color Consortium Format Library
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All Linux
Priority: medium
Severity: medium
Assigned To: Red Hat Product Security
source=redhat,reported=20090227,publi...
Keywords: Security
Depends On: 487747 487748 487749 487750 487751 491276 491277 491278 491590 491591 491592
Reported: 2009-02-27 13:20 EST by Jan Lieskovsky
Modified: 2016-03-04 07:42 EST
Doc Type: Bug Fix
Last Closed: 2011-10-25 13:36:25 EDT

Attachments
ghostscript-CVE-2009-0583,0584.patch (33.90 KB, patch)
2009-03-06 11:39 EST, Tim Waugh

Description Jan Lieskovsky 2009-02-27 13:20:05 EST
Multiple integer overflows were found in Ghostscript's International Color Consortium Format Library (icclib). An attacker could use this flaw to
potentially execute arbitrary code by requesting to translate a specially-crafted
image file created on one device into another device's native color
space via a device file.
Comment 12 Josh Bressers 2009-03-19 10:56:55 EDT
Lifting embargo
Comment 14 Fedora Update System 2009-03-20 21:26:52 EDT
ghostscript-8.63-2.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 15 Fedora Update System 2009-03-20 21:28:03 EDT
ghostscript-8.63-5.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 17 Jon Ciesla 2009-03-23 13:28:11 EDT
Updates for argyllcms for F-9 and F-10 are in Bodhi now.  Thanks, Tim!
Comment 18 Jan Lieskovsky 2009-03-24 12:55:30 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-0583 to
this vulnerability:

Multiple integer overflows in icc.c in the International Color
Consortium (ICC) Format library (aka icclib), as used in Ghostscript
8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and
earlier, allow context-dependent attackers to cause a denial of
service (heap-based buffer overflow and application crash) or possibly
execute arbitrary code by using a device file for a translation
request that operates on a crafted image file and targets a certain
"native color space," related to an ICC profile in a (1) PostScript or
(2) PDF file with embedded images.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583
http://www.securityfocus.com/archive/1/archive/1/501994/100/0/threaded
http://bugs.gentoo.org/show_bug.cgi?id=261087
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050
https://issues.rpath.com/browse/RPL-2991
http://www.debian.org/security/2009/dsa-1746
http://www.securityfocus.com/bid/34184
http://securitytracker.com/id?1021868
http://secunia.com/advisories/34373
http://secunia.com/advisories/34381
http://secunia.com/advisories/34393
http://secunia.com/advisories/34398
http://www.vupen.com/english/advisories/2009/0776
http://www.vupen.com/english/advisories/2009/0777
http://xforce.iss.net/xforce/xfdb/49329
Comment 19 Fedora Update System 2009-03-25 12:06:10 EDT
argyllcms-1.0.3-3.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 20 Fedora Update System 2009-03-25 12:10:17 EDT
argyllcms-1.0.3-3.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 21 Kurt Seifried 2011-10-25 13:36:25 EDT
All children bugs closed, parent no longer needed
