VYPR
Unrated severityNVD Advisory· Published Mar 23, 2009· Updated Jun 16, 2026

CVE-2009-0584

CVE-2009-0584

Description

icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

16
  • cpe:2.3:a:argyllcms:cms:*:*:*:*:*:*:*:*
    Range: <=1.0.3
  • Artifex/Ghostscript13 versions
    cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*range: <=8.64
    • cpe:2.3:a:ghostscript:ghostscript:0:*:*:*:*:*:*:*
    • cpe:2.3:a:ghostscript:ghostscript:5.50:*:*:*:*:*:*:*
    • cpe:2.3:a:ghostscript:ghostscript:7.05:*:*:*:*:*:*:*
    • cpe:2.3:a:ghostscript:ghostscript:7.07:*:*:*:*:*:*:*
    • cpe:2.3:a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*
    • cpe:2.3:a:ghostscript:ghostscript:8.15.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ghostscript:ghostscript:8.54:*:*:*:*:*:*:*
    • cpe:2.3:a:ghostscript:ghostscript:8.56:*:*:*:*:*:*:*
    • cpe:2.3:a:ghostscript:ghostscript:8.57:*:*:*:*:*:*:*
    • cpe:2.3:a:ghostscript:ghostscript:8.60:*:*:*:*:*:*:*
    • cpe:2.3:a:ghostscript:ghostscript:8.61:*:*:*:*:*:*:*
  • Artifex/icc.cllm-create
    Range: <=8.64
  • Range: <=1.0.3

Patches

Vulnerability mechanics

References

41

News mentions

0

No linked articles in our index yet.