Unrated severityNVD Advisory· Published Mar 23, 2009· Updated Jun 16, 2026
CVE-2009-0584
CVE-2009-0584
Description
icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
16cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*range: <=8.64
- cpe:2.3:a:ghostscript:ghostscript:0:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:5.50:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:7.05:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:7.07:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:8.15.2:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:8.54:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:8.56:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:8.57:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:8.60:*:*:*:*:*:*:*
- cpe:2.3:a:ghostscript:ghostscript:8.61:*:*:*:*:*:*:*
- Range: <=1.0.3
Patches
Vulnerability mechanics
References
41- secunia.com/advisories/34373nvdVendor Advisory
- secunia.com/advisories/34381nvdVendor Advisory
- secunia.com/advisories/34393nvdVendor Advisory
- secunia.com/advisories/34398nvdVendor Advisory
- secunia.com/advisories/34437nvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2009-0345.htmlnvdVendor Advisory
- www.vupen.com/english/advisories/2009/0776nvdVendor Advisory
- www.vupen.com/english/advisories/2009/0777nvdVendor Advisory
- www.vupen.com/english/advisories/2009/0816nvdVendor Advisory
- www.redhat.com/archives/fedora-package-announce/2009-March/msg00770.htmlnvdVendor Advisory
- www.redhat.com/archives/fedora-package-announce/2009-March/msg00772.htmlnvdVendor Advisory
- www.auscert.org.au/render.htmlnvdUS Government Resource
- bugs.gentoo.org/show_bug.cginvd
- lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.htmlnvd
- osvdb.org/52988nvd
- secunia.com/advisories/34266nvd
- secunia.com/advisories/34418nvd
- secunia.com/advisories/34443nvd
- secunia.com/advisories/34469nvd
- secunia.com/advisories/34729nvd
- secunia.com/advisories/35559nvd
- secunia.com/advisories/35569nvd
- securitytracker.com/idnvd
- sunsolve.sun.com/search/document.donvd
- support.avaya.com/elmodocs2/security/ASA-2009-098.htmnvd
- wiki.rpath.com/wiki/Advisories:rPSA-2009-0050nvd
- www.debian.org/security/2009/dsa-1746nvd
- www.gentoo.org/security/en/glsa/glsa-200903-37.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/archive/1/501994/100/0/threadednvd
- www.securityfocus.com/bid/34184nvd
- www.ubuntu.com/usn/USN-743-1nvd
- www.vupen.com/english/advisories/2009/1708nvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/49327nvd
- issues.rpath.com/browse/RPL-2991nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10544nvd
- usn.ubuntu.com/757-1/nvd
- www.redhat.com/archives/fedora-package-announce/2009-March/msg00887.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2009-March/msg00916.htmlnvd
News mentions
0No linked articles in our index yet.