CVE-2009-0792

Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. NOTE: this issue exists because of an incomplete fix for CVE-2009-0583.

Published: 2009-04-14
Last update: 2026-04-23
Assigner: [email protected]
Source: [email protected]

Conclusion & alert: CVE-2009-0792 is rated Moderate Risk (62.1/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 1.17%). Mandatory action: Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2009-0792

EPSS lead: the daily EPSS score estimates the relative likelihood that this CVE will be exploited in the wild; the percentile ranks it among all scored vulnerabilities (a higher percentile means a higher relative rank).

#  Date        Old EPSS score  New EPSS score  Delta (New - Old)
1  2025-03-30  3.14%           1.17%           -1.96%
2  2025-03-29  1.17%           3.14%           +1.97%
3  2023-11-08  1.17%

Full EPSS history (7 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2009-0792

CVSS metrics for this CVE.

Base score  Version  Severity  Vector                       Exploitability  Impact  Score source
9.3         2.0      HIGH      AV:N/AC:M/Au:N/C:C/I:C/A:C   8.6             10.0    [email protected]

Vector breakdown:

Access vector (AV:N): can be exploited remotely over network reachability.
Access complexity (AC:M): exploitation needs some favorable conditions, but not exceptional ones.
Authentication (Au:N): no authentication is required.
Confidentiality impact (C:C): complete confidentiality impact.
Integrity impact (I:C): complete integrity impact.
Availability impact (A:C): complete availability impact.

Weakness enumeration for CVE-2009-0792

OS Trackers for CVE-2009-0792

Vendor   Priority  Summary / link

debian   medium    CVE-2009-0792 medium priority: Debian including 2 source packages (argyll, ghostscript), 10 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 10.
                   https://security-tracker.debian.org/tracker/CVE-2009-0792

gentoo   normal    CVE-2009-0792: 1 GLSA(s) (201412-17), 1 atom(s) (app-text/ghostscript-gpl); latest impact normal.
                   https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2009-0792

redhat   medium    https://access.redhat.com/security/cve/CVE-2009-0792

ubuntu   low       CVE-2009-0792 low priority: Ubuntu including 4 source packages (ghostscript, gs-afpl, gs-esp, gs-gpl), 28 status rows across 7 suites (dapper, gutsy, hardy, intrepid, jaunty, karmic, upstream): DNE 16, released 6, needs-triage 4, ignored 2.
                   https://ubuntu.com/security/CVE-2009-0792

Affected software / configurations for CVE-2009-0792

Vendor       Product      Version   Raw CPE
ghostscript ghostscript <= 8.64 cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*
ghostscript ghostscript 5.50 cpe:2.3:a:ghostscript:ghostscript:5.50:*:*:*:*:*:*:*
ghostscript ghostscript 7.05 cpe:2.3:a:ghostscript:ghostscript:7.05:*:*:*:*:*:*:*
ghostscript ghostscript 7.07 cpe:2.3:a:ghostscript:ghostscript:7.07:*:*:*:*:*:*:*
ghostscript ghostscript 8.0.1 cpe:2.3:a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*
ghostscript ghostscript 8.15 cpe:2.3:a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*
ghostscript ghostscript 8.15.2 cpe:2.3:a:ghostscript:ghostscript:8.15.2:*:*:*:*:*:*:*
ghostscript ghostscript 8.54 cpe:2.3:a:ghostscript:ghostscript:8.54:*:*:*:*:*:*:*
ghostscript ghostscript 8.56 cpe:2.3:a:ghostscript:ghostscript:8.56:*:*:*:*:*:*:*
ghostscript ghostscript 8.57 cpe:2.3:a:ghostscript:ghostscript:8.57:*:*:*:*:*:*:*
ghostscript ghostscript 8.61 cpe:2.3:a:ghostscript:ghostscript:8.61:*:*:*:*:*:*:*
ghostscript ghostscript 8.62 cpe:2.3:a:ghostscript:ghostscript:8.62:*:*:*:*:*:*:*
ghostscript ghostscript 8.63 cpe:2.3:a:ghostscript:ghostscript:8.63:*:*:*:*:*:*:*
argyllcms argyllcms <= 1.0.3 cpe:2.3:a:argyllcms:argyllcms:*:*:*:*:*:*:*:*
argyllcms argyllcms 0.1.0 cpe:2.3:a:argyllcms:argyllcms:0.1.0:*:*:*:*:*:*:*
argyllcms argyllcms 0.2.0 cpe:2.3:a:argyllcms:argyllcms:0.2.0:*:*:*:*:*:*:*
argyllcms argyllcms 0.2.1 cpe:2.3:a:argyllcms:argyllcms:0.2.1:*:*:*:*:*:*:*
argyllcms argyllcms 0.2.2 cpe:2.3:a:argyllcms:argyllcms:0.2.2:*:*:*:*:*:*:*
argyllcms argyllcms 0.3.0 cpe:2.3:a:argyllcms:argyllcms:0.3.0:*:*:*:*:*:*:*
argyllcms argyllcms 0.6.0 cpe:2.3:a:argyllcms:argyllcms:0.6.0:*:*:*:*:*:*:*
argyllcms argyllcms 0.7.0 cpe:2.3:a:argyllcms:argyllcms:0.7.0:beta_8:*:*:*:*:*:*
argyllcms argyllcms 1.0.0 cpe:2.3:a:argyllcms:argyllcms:1.0.0:*:*:*:*:*:*:*
argyllcms argyllcms 1.0.2 cpe:2.3:a:argyllcms:argyllcms:1.0.2:*:*:*:*:*:*:*

References for CVE-2009-0792

URL                                                                                             Tags
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
http://secunia.com/advisories/34373 Vendor Advisory
http://secunia.com/advisories/34667
http://secunia.com/advisories/34711 Vendor Advisory
http://secunia.com/advisories/34726
http://secunia.com/advisories/34729
http://secunia.com/advisories/34732
http://secunia.com/advisories/35416
http://secunia.com/advisories/35559
http://secunia.com/advisories/35569
http://security.gentoo.org/glsa/glsa-201412-17.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-262288-1
http://support.avaya.com/elmodocs2/security/ASA-2009-155.htm
http://wiki.rpath.com/Advisories:rPSA-2009-0060
http://www.mandriva.com/security/advisories?name=MDVSA-2009:095
http://www.mandriva.com/security/advisories?name=MDVSA-2009:096
http://www.redhat.com/support/errata/RHSA-2009-0420.html
http://www.redhat.com/support/errata/RHSA-2009-0421.html
http://www.securityfocus.com/archive/1/502757/100/0/threaded
http://www.vupen.com/english/advisories/2009/1708
https://bugzilla.redhat.com/show_bug.cgi?id=491853
https://exchange.xforce.ibmcloud.com/vulnerabilities/50381
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11207
https://usn.ubuntu.com/757-1/
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00211.html
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00217.html
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00460.html
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00461.html