icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and previous versions and Argyll Color Management System (CMS) 1.0.3 and previous versions, allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ghostscript ghostscript 8.15.2 |
||
ghostscript ghostscript 8.60 |
||
ghostscript ghostscript 8.57 |
||
argyllcms cms |
||
ghostscript ghostscript 8.0.1 |
||
ghostscript ghostscript 8.15 |
||
ghostscript ghostscript 7.07 |
||
ghostscript ghostscript 7.05 |
||
ghostscript ghostscript 8.61 |
||
ghostscript ghostscript 0 |
||
ghostscript ghostscript 5.50 |
||
ghostscript ghostscript |
||
ghostscript ghostscript 8.56 |
||
ghostscript ghostscript 8.54 |