ID CVE-2012-4405
Summary Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error.
References
Vulnerable Configurations
  • cpe:2.3:a:argyllcms:cms:-:*:*:*:*:*:*:*
    cpe:2.3:a:argyllcms:cms:-:*:*:*:*:*:*:*
  • cpe:2.3:a:color:icclib:-:*:*:*:*:*:*:*
    cpe:2.3:a:color:icclib:-:*:*:*:*:*:*:*
  • cpe:2.3:a:ghostscript:ghostscript:9.06:*:*:*:*:*:*:*
    cpe:2.3:a:ghostscript:ghostscript:9.06:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 29-08-2017 - 01:32)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
bugzilla
id 854227
title CVE-2012-4405 ghostscript, argyllcms: Array index error leading to heap-based bufer OOB write
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment ghostscript is earlier than 0:8.70-14.el5_8.1
          oval oval:com.redhat.rhsa:tst:20121256002
        • comment ghostscript is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080155015
      • AND
        • comment ghostscript-devel is earlier than 0:8.70-14.el5_8.1
          oval oval:com.redhat.rhsa:tst:20121256004
        • comment ghostscript-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080155017
      • AND
        • comment ghostscript-gtk is earlier than 0:8.70-14.el5_8.1
          oval oval:com.redhat.rhsa:tst:20121256006
        • comment ghostscript-gtk is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080155019
  • AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment ghostscript is earlier than 0:8.70-14.el6_3.1
          oval oval:com.redhat.rhsa:tst:20121256012
        • comment ghostscript is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120095013
      • AND
        • comment ghostscript-devel is earlier than 0:8.70-14.el6_3.1
          oval oval:com.redhat.rhsa:tst:20121256016
        • comment ghostscript-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120095017
      • AND
        • comment ghostscript-doc is earlier than 0:8.70-14.el6_3.1
          oval oval:com.redhat.rhsa:tst:20121256014
        • comment ghostscript-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120095019
      • AND
        • comment ghostscript-gtk is earlier than 0:8.70-14.el6_3.1
          oval oval:com.redhat.rhsa:tst:20121256018
        • comment ghostscript-gtk is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20120095015
rhsa
id RHSA-2012:1256
released 2012-09-11
severity Moderate
title RHSA-2012:1256: ghostscript security update (Moderate)
rpms
  • ghostscript-0:8.70-14.el5_8.1
  • ghostscript-devel-0:8.70-14.el5_8.1
  • ghostscript-gtk-0:8.70-14.el5_8.1
  • ghostscript-0:8.70-14.el6_3.1
  • ghostscript-devel-0:8.70-14.el6_3.1
  • ghostscript-doc-0:8.70-14.el6_3.1
  • ghostscript-gtk-0:8.70-14.el6_3.1
refmap via4
bid 55494
confirm https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0301
gentoo GLSA-201412-17
mandriva
  • MDVSA-2012:151
  • MDVSA-2013:089
  • MDVSA-2013:090
mlist [oss-security] 20120911 CVE-2012-4405 ghostscript, argyllcms: Array index error leading to heap-based bufer OOB write
sectrack 1027517
secunia 50719
suse
  • SUSE-SU-2012:1222
  • openSUSE-SU-2012:1289
  • openSUSE-SU-2012:1290
ubuntu USN-1581-1
xf icclib-pdf-bo(78411)
Last major update 29-08-2017 - 01:32
Published 18-09-2012 - 17:55
Back to Top