admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 09:41:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2009/CVE-2009-05xx/CVE-2009-0584.json

543 lines
17 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2009-0584",
"sourceIdentifier": "secalert@redhat.com",
"published": "2009-03-23T20:00:00.377",
Auto-Update: 2024-11-22T09:12:11.646040+00:00
2024-11-22 09:15:19 +00:00
"lastModified": "2024-11-21T01:00:24.630",
bootstrap
2023-04-24 12:24:31 +02:00
"vulnStatus": "Modified",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"cveTags": [],
bootstrap
2023-04-24 12:24:31 +02:00
"descriptions": [
{
"lang": "en",
"value": "icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images."
},
{
"lang": "es",
"value": "icc.c, perteneciente a la librer\u00eda de formatos del International Color Consortium (ICC) (alias icclib), tal y como se utiliza en Ghostscript 8.64 y anteriores y Argyll Color Management System (CMS) 1.0.3 y anteriores, permite causar una denegaci\u00f3n de servicio (con ca\u00edda de la aplicaci\u00f3n) a atacantes dependientes de contexto, o posiblemente ejecutar c\u00f3digo arbitrario por medio de un fichero de dispositivo dise\u00f1ado para procesar archivos de imagen con modificaciones relacionadas con valores enteros grandes para determinados tama\u00f1os, en relaci\u00f3n con un perfil ICC en un (1) PostScript o (2) un archivo PDF con im\u00e1genes incrustadas."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
Auto-Update: 2024-11-22T09:12:11.646040+00:00
2024-11-22 09:15:19 +00:00
"baseScore": 9.3,
bootstrap
2023-04-24 12:24:31 +02:00
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
Auto-Update: 2024-11-22T09:12:11.646040+00:00
2024-11-22 09:15:19 +00:00
"availabilityImpact": "COMPLETE"
bootstrap
2023-04-24 12:24:31 +02:00
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-189"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:argyllcms:cms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.3",
"matchCriteriaId": "E37C8B4A-24A1-420A-A82F-190B3D343C68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.64",
"matchCriteriaId": "06B00D31-6A9C-44C2-AF0F-36F91CADCF04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E68242D-465A-443F-9D25-BE57F9080394"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:5.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A46BABB2-C49A-4EF4-9FD7-7E80EE7CF55A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:7.05:*:*:*:*:*:*:*",
"matchCriteriaId": "A9ECC8F7-93FD-427D-8395-F1B025CA4322"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:7.07:*:*:*:*:*:*:*",
"matchCriteriaId": "E63082C3-15B6-4DD8-8818-BFD61B054B08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9877DC36-5151-43C9-864D-BE7939A0304D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*",
"matchCriteriaId": "1F9F0F0A-E413-42CC-B67D-434EC6A92543"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "491F4BDC-33BD-4EA6-A19B-1066BBC9EBFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.54:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA7298B-2552-45DF-AE6B-FC71ACF623E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.56:*:*:*:*:*:*:*",
"matchCriteriaId": "87A234A3-5FF9-4567-A731-3FFCD1965C60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.57:*:*:*:*:*:*:*",
"matchCriteriaId": "B2916811-2ABD-4CC4-829B-AE805BA1BC6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.60:*:*:*:*:*:*:*",
"matchCriteriaId": "7B283683-D924-4C69-87F3-355ECC0DBA4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghostscript:ghostscript:8.61:*:*:*:*:*:*:*",
"matchCriteriaId": "265CBC8B-5EF6-4335-B3EC-FF93A1DF8A9B"
}
]
}
]
}
],
"references": [
{
"url": "http://bugs.gentoo.org/show_bug.cgi?id=261087",
"source": "secalert@redhat.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html",
"source": "secalert@redhat.com"
},
Auto-Update: 2024-04-04T08:42:25.815847+00:00
2024-04-04 08:46:00 +00:00
{
"url": "http://osvdb.org/52988",
"source": "secalert@redhat.com"
},
{
"url": "http://secunia.com/advisories/34266",
"source": "secalert@redhat.com"
},
{
"url": "http://secunia.com/advisories/34373",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34381",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34393",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34398",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34418",
"source": "secalert@redhat.com"
},
{
"url": "http://secunia.com/advisories/34437",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34443",
"source": "secalert@redhat.com"
},
{
"url": "http://secunia.com/advisories/34469",
"source": "secalert@redhat.com"
},
{
"url": "http://secunia.com/advisories/34729",
"source": "secalert@redhat.com"
},
{
"url": "http://secunia.com/advisories/35559",
"source": "secalert@redhat.com"
},
{
"url": "http://secunia.com/advisories/35569",
"source": "secalert@redhat.com"
},
bootstrap
2023-04-24 12:24:31 +02:00
{
"url": "http://securitytracker.com/id?1021868",
"source": "secalert@redhat.com"
},
{
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1",
"source": "secalert@redhat.com"
},
{
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-098.htm",
"source": "secalert@redhat.com"
},
{
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050",
"source": "secalert@redhat.com"
},
{
"url": "http://www.auscert.org.au/render.html?it=10666",
"source": "secalert@redhat.com",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.debian.org/security/2009/dsa-1746",
"source": "secalert@redhat.com"
},
{
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-37.xml",
"source": "secalert@redhat.com"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:095",
"source": "secalert@redhat.com"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:096",
"source": "secalert@redhat.com"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2009-0345.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/501994/100/0/threaded",
"source": "secalert@redhat.com"
},
{
"url": "http://www.securityfocus.com/bid/34184",
"source": "secalert@redhat.com"
},
{
"url": "http://www.ubuntu.com/usn/USN-743-1",
"source": "secalert@redhat.com"
},
{
"url": "http://www.vupen.com/english/advisories/2009/0776",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/0777",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/0816",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/1708",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487744",
"source": "secalert@redhat.com"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49327",
"source": "secalert@redhat.com"
},
{
"url": "https://issues.rpath.com/browse/RPL-2991",
"source": "secalert@redhat.com"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10544",
"source": "secalert@redhat.com"
},
{
"url": "https://usn.ubuntu.com/757-1/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00770.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00772.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00887.html",
"source": "secalert@redhat.com"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00916.html",
"source": "secalert@redhat.com"
Auto-Update: 2024-11-22T09:12:11.646040+00:00
2024-11-22 09:15:19 +00:00
},
{
"url": "http://bugs.gentoo.org/show_bug.cgi?id=261087",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://osvdb.org/52988",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/34266",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/34373",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34381",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34393",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34398",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34418",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/34437",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/34443",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/34469",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/34729",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/35559",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/35569",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://securitytracker.com/id?1021868",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-098.htm",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0050",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.auscert.org.au/render.html?it=10666",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.debian.org/security/2009/dsa-1746",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.gentoo.org/security/en/glsa/glsa-200903-37.xml",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:095",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:096",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2009-0345.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/501994/100/0/threaded",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/34184",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.ubuntu.com/usn/USN-743-1",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.vupen.com/english/advisories/2009/0776",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/0777",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/0816",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/1708",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487744",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49327",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://issues.rpath.com/browse/RPL-2991",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10544",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://usn.ubuntu.com/757-1/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00770.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00772.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00887.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00916.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
bootstrap
2023-04-24 12:24:31 +02:00
}
]
}
Reference in New Issue Copy Permalink