CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
82.0%
icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | argyll | <Β 1.0.3-2 | argyll_1.0.3-2_all.deb |
Debian | 11 | all | argyll | <Β 1.0.3-2 | argyll_1.0.3-2_all.deb |
Debian | 999 | all | argyll | <Β 1.0.3-2 | argyll_1.0.3-2_all.deb |
Debian | 13 | all | argyll | <Β 1.0.3-2 | argyll_1.0.3-2_all.deb |
Debian | 12 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
Debian | 11 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
Debian | 999 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |
Debian | 13 | all | ghostscript | <Β 8.64~dfsg-1.1 | ghostscript_8.64~dfsg-1.1_all.deb |