Bug 487742 (CVE-2009-0583) - CVE-2009-0583 ghostscript, argyllcms: Multiple integer overflows in the International Color Consortium Format Library
Summary: CVE-2009-0583 ghostscript, argyllcms: Multiple integer overflows in the Inter...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2009-0583
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 487747 487748 487749 487750 487751 491276 491277 491278 491590 491591 491592
Blocks:
TreeView+ depends on / blocked
 
Reported: 2009-02-27 18:20 UTC by Jan Lieskovsky
Modified: 2019-09-29 12:28 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-10-25 17:36:25 UTC
Embargoed:

Attachments (Terms of Use)
ghostscript-CVE-2009-0583,0584.patch (33.90 KB, patch)
2009-03-06 16:39 UTC, Tim Waugh 		no flags Details | Diff
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2009:0345 0 normal SHIPPED_LIVE Moderate: ghostscript security update 2009-03-19 16:00:55 UTC

Description Jan Lieskovsky 2009-02-27 18:20:05 UTC 
Multiple integer overflows were found in the Ghostsript's International Color Consortium Format Library (icclib). An attacker could use this flaw to
potentially execute arbitrary code by requesting to translate a specially-
crafted image file created on one device into another's device native color
space via a device file.
Comment 12 Josh Bressers 2009-03-19 14:56:55 UTC 
Lifting embargo
Comment 14 Fedora Update System 2009-03-21 01:26:52 UTC 
ghostscript-8.63-2.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 15 Fedora Update System 2009-03-21 01:28:03 UTC 
ghostscript-8.63-5.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 17 Gwyn Ciesla 2009-03-23 17:28:11 UTC 
Updates for argyllcms for F-9 and F-10 are in Bodhi now.  Thanks, Tim!
Comment 18 Jan Lieskovsky 2009-03-24 16:55:30 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-0583 to
this vulnerability:

Multiple integer overflows in icc.c in the International Color
Consortium (ICC) Format library (aka icclib), as used in Ghostscript
8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and
earlier, allow context-dependent attackers to cause a denial of
service (heap-based buffer overflow and application crash) or possibly
execute arbitrary code by using a device file for a translation
request that operates on a crafted image file and targets a certain
"native color space," related to an ICC profile in a (1) PostScript or
(2) PDF file with embedded images.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583
http://www.securityfocus.com/archive/1/archive/1/501994/100/0/threaded
http://bugs.gentoo.org/show_bug.cgi?id=261087
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050
https://issues.rpath.com/browse/RPL-2991
http://www.debian.org/security/2009/dsa-1746
http://www.securityfocus.com/bid/34184
http://securitytracker.com/id?1021868
http://secunia.com/advisories/34373
http://secunia.com/advisories/34381
http://secunia.com/advisories/34393
http://secunia.com/advisories/34398
http://www.vupen.com/english/advisories/2009/0776
http://www.vupen.com/english/advisories/2009/0777
http://xforce.iss.net/xforce/xfdb/49329
Comment 19 Fedora Update System 2009-03-25 16:06:10 UTC 
argyllcms-1.0.3-3.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 20 Fedora Update System 2009-03-25 16:10:17 UTC 
argyllcms-1.0.3-3.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 21 Kurt Seifried 2011-10-25 17:36:25 UTC 
All children bugs closed, parent no longer needed
Note You need to log in before you can comment on or make changes to this bug.