PublicDateAtUSN: 2012-09-18 Candidate: CVE-2012-4405 PublicDate: 2012-09-18 17:55:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4405 https://rhn.redhat.com/errata/RHSA-2012-1256.html https://ubuntu.com/security/notices/USN-1581-1 Description: Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error. Ubuntu-Description: Notes: mdeslaur> icclib isn't built in oneiric. Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=854227 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687274 (gs) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687275 (argyll) Priority: medium Discovered-by: Marc Schönefeld Assigned-to: mdeslaur CVSS: Patches_ghostscript: redhat: https://bugzilla.redhat.com/attachment.cgi?id=609986 upstream_ghostscript: needs-triage hardy_ghostscript: released (8.61.dfsg.1-1ubuntu3.5) lucid_ghostscript: released (8.71.dfsg.1-0ubuntu5.5) natty_ghostscript: not-affected (code not present) oneiric_ghostscript: not-affected precise_ghostscript: not-affected (code not present) precise/esm_ghostscript: DNE (precise was not-affected [code not present]) quantal_ghostscript: not-affected (code not present) raring_ghostscript: not-affected (code not present) saucy_ghostscript: not-affected (code not present) trusty_ghostscript: not-affected (code not present) trusty/esm_ghostscript: DNE (trusty was not-affected [code not present]) utopic_ghostscript: not-affected (code not present) vivid_ghostscript: not-affected (code not present) vivid/stable-phone-overlay_ghostscript: DNE vivid/ubuntu-core_ghostscript: DNE wily_ghostscript: not-affected (code not present) xenial_ghostscript: not-affected (code not present) esm-infra/xenial_ghostscript: not-affected (code not present) yakkety_ghostscript: not-affected (code not present) zesty_ghostscript: not-affected (code not present) devel_ghostscript: not-affected (code not present) upstream_gs-gpl: needs-triage hardy_gs-gpl: DNE lucid_gs-gpl: DNE natty_gs-gpl: DNE oneiric_gs-gpl: DNE precise_gs-gpl: DNE precise/esm_gs-gpl: DNE quantal_gs-gpl: DNE raring_gs-gpl: DNE saucy_gs-gpl: DNE trusty_gs-gpl: DNE trusty/esm_gs-gpl: DNE utopic_gs-gpl: DNE vivid_gs-gpl: DNE vivid/stable-phone-overlay_gs-gpl: DNE vivid/ubuntu-core_gs-gpl: DNE wily_gs-gpl: DNE xenial_gs-gpl: DNE yakkety_gs-gpl: DNE zesty_gs-gpl: DNE devel_gs-gpl: DNE upstream_gs-esp: needs-triage hardy_gs-esp: DNE lucid_gs-esp: DNE natty_gs-esp: DNE oneiric_gs-esp: DNE precise_gs-esp: DNE precise/esm_gs-esp: DNE quantal_gs-esp: DNE raring_gs-esp: DNE saucy_gs-esp: DNE trusty_gs-esp: DNE trusty/esm_gs-esp: DNE utopic_gs-esp: DNE vivid_gs-esp: DNE vivid/stable-phone-overlay_gs-esp: DNE vivid/ubuntu-core_gs-esp: DNE wily_gs-esp: DNE xenial_gs-esp: DNE yakkety_gs-esp: DNE zesty_gs-esp: DNE devel_gs-esp: DNE upstream_gs-afpl: needs-triage hardy_gs-afpl: DNE lucid_gs-afpl: DNE natty_gs-afpl: DNE oneiric_gs-afpl: DNE precise_gs-afpl: DNE precise/esm_gs-afpl: DNE quantal_gs-afpl: DNE raring_gs-afpl: DNE saucy_gs-afpl: DNE trusty_gs-afpl: DNE trusty/esm_gs-afpl: DNE utopic_gs-afpl: DNE vivid_gs-afpl: DNE vivid/stable-phone-overlay_gs-afpl: DNE vivid/ubuntu-core_gs-afpl: DNE wily_gs-afpl: DNE xenial_gs-afpl: DNE yakkety_gs-afpl: DNE zesty_gs-afpl: DNE devel_gs-afpl: DNE Patches_argyll: upstream_argyll: released (1.4.0-7) hardy_argyll: DNE lucid_argyll: ignored (reached end-of-life) natty_argyll: ignored (reached end-of-life) oneiric_argyll: ignored (reached end-of-life) precise_argyll: ignored (reached end-of-life) precise/esm_argyll: DNE (precise was needs-triage) quantal_argyll: not-affected (1.4.0-7ubuntu1) raring_argyll: not-affected (1.4.0-7ubuntu1) saucy_argyll: not-affected (1.4.0-7ubuntu1) trusty_argyll: not-affected (1.4.0-7ubuntu1) trusty/esm_argyll: DNE (trusty was not-affected [1.4.0-7ubuntu1]) utopic_argyll: not-affected (1.4.0-7ubuntu1) vivid_argyll: not-affected (1.4.0-7ubuntu1) vivid/stable-phone-overlay_argyll: DNE vivid/ubuntu-core_argyll: DNE wily_argyll: not-affected (1.4.0-7ubuntu1) xenial_argyll: not-affected (1.4.0-7ubuntu1) yakkety_argyll: not-affected (1.4.0-7ubuntu1) zesty_argyll: not-affected (1.4.0-7ubuntu1) devel_argyll: not-affected (1.4.0-7ubuntu1)