CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
82.0%
icc.c in the International Color Consortium (ICC) Format library (aka
icclib), as used in Ghostscript 8.64 and earlier and Argyll Color
Management System (CMS) 1.0.3 and earlier, allows context-dependent
attackers to cause a denial of service (application crash) or possibly
execute arbitrary code by using a device file for processing a crafted
image file associated with large integer values for certain sizes, related
to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.