Aggregates CVE and security vulnerability intelligence across all argyllcms-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk buffer overflow, vendor risk memory corruption, and vendor risk denial of service; exposure may include vendor impact application crash in vendor surface production workloads contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2012-4405 | Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) PostScript or (2) PDF file with embedded images, which triggers a heap-based buffer overflow. NOTE: this issue is also described as an array index error. | [email protected] | 6.8 | 23.79% | 2012-09-18 | 2026-04-29 |
| CVE-2012-1616 | Use-after-free vulnerability in icclib before 2.13, as used by Argyll CMS before 1.4 and possibly other programs, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted ICC profile file. | [email protected] | 9.3 | 7.36% | 2012-06-21 | 2026-04-29 |
| CVE-2009-0792 | Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to | [email protected] | 9.3 | 1.17% | 2009-04-14 | 2026-04-23 |
| CVE-2009-0584 | icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. | [email protected] | 9.3 | 8.95% | 2009-03-23 | 2026-04-23 |
| CVE-2009-0583 | Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to | [email protected] | 9.3 | 4.57% | 2009-03-23 | 2026-04-23 |