Vulnerability CVE-2009-0792

Vulnerability Name:

CVE-2009-0792 (CCN-50381)

Assigned:

2009-04-08

Published:

2009-04-08

Updated:

2023-02-13

Summary:

Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images.
Note: this issue exists because of an incomplete fix for CVE-2009-0583.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2009-0792

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Ghostscript, Ghostview and GSview Web page
Ghostscript, Ghostview and GSview

Source: CCN
Type: RHSA-2009-0420
Moderate: ghostscript security update

Source: CCN
Type: RHSA-2009-0421
Moderate: ghostscript security update

Source: CCN
Type: SA34373
Argyll Color Management System icclib Multiple Vulnerabilities

Source: CCN
Type: SA35559
Sun Solaris 9 Ghostscript Multiple Vulnerabilities

Source: CCN
Type: SA35569
Sun Solaris Ghostscript Multiple Vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: ASA-2009-155
ghostscript security update (RHSA-2009-0420)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: DEBIAN
Type: DSA-2080
ghostscript -- several vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: USN-757-1
Ghostscript vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Red Hat Bugzilla Bug 491853
CVE-2009-0792 ghostscript, argyllcms: Incomplete fix for CVE-2009-0583

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: XF
Type: UNKNOWN
ghostscript-icc-bo(50381)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: SUSE
Type: SUSE-SR:2009:009
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2009:011
SUSE Security Summary Report

Vulnerable Configuration:

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:ghostscript:ghostscript:8.15.2:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:8.0.1:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:8.61:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:8.60:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:8.57:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:8.56:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:8.54:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:8.15:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:7.07:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:7.05:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:8.64:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:8.62:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:8.63:*:*:*:*:*:*:*

OR cpe:/a:ghostscript:ghostscript:5.50:*:*:*:*:*:*:*

OR cpe:/a:argyllcms:argyllcms:1.0.3:*:*:*:*:*:*:*

OR cpe:/a:argyllcms:argyllcms:0.3.0:*:*:*:*:*:*:*

OR cpe:/a:argyllcms:argyllcms:0.2.2:*:*:*:*:*:*:*

OR cpe:/a:argyllcms:argyllcms:0.2.1:*:*:*:*:*:*:*

OR cpe:/a:argyllcms:argyllcms:0.2.0:*:*:*:*:*:*:*

OR cpe:/a:argyllcms:argyllcms:0.1.0:*:*:*:*:*:*:*

OR cpe:/a:argyllcms:argyllcms:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:argyllcms:argyllcms:0.6.0:*:*:*:*:*:*:*

AND

cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*

OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:42311	P	Security update for openssl-1_1 (Important)	2022-07-07
oval:org.opensuse.security:def:20090792	V	CVE-2009-0792	2022-05-20
oval:org.opensuse.security:def:31372	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:31371	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:26186	P	Security update for libqt4 (Important)	2021-12-22
oval:org.opensuse.security:def:33058	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:26172	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:26163	P	Security update for bind (Important)	2021-11-11
oval:org.opensuse.security:def:32210	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:31688	P	Security update for python-urllib3 (Moderate)	2021-09-29
oval:org.opensuse.security:def:31686	P	Security update for xen (Important)	2021-09-23
oval:org.opensuse.security:def:32191	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:31681	P	Security update for gtk-vnc (Moderate)	2021-09-16
oval:org.opensuse.security:def:26109	P	Security update for unrar (Moderate)	2021-08-25
oval:org.opensuse.security:def:31260	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:32167	P	Security update for openssl (Important)	2021-08-24
oval:org.opensuse.security:def:42113	P	Security update for libmspack (Moderate)	2021-08-20
oval:org.opensuse.security:def:31240	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:32147	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:32125	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:36134	P	ghostscript-fonts-other-8.62-32.34.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36410	P	ghostscript-devel-8.62-32.34.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31632	P	Security update for MozillaFirefox (Important)	2021-06-08
oval:org.opensuse.security:def:42541	P	ghostscript-fonts-other-8.62-32.34.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31186	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:31628	P	Security update for dhcp (Important)	2021-06-01
oval:org.opensuse.security:def:31174	P	Security update for djvulibre (Important)	2021-05-19
oval:org.opensuse.security:def:31175	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:29359	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:32086	P	Security update for java-1_7_0-openjdk (Moderate)	2021-04-29
oval:org.opensuse.security:def:31612	P	Security update for gdm (Important)	2021-04-28
oval:org.opensuse.security:def:26035	P	Security update for apache-commons-io (Moderate)	2021-04-26
oval:org.opensuse.security:def:26033	P	Security update for ImageMagick (Moderate)	2021-04-20
oval:org.opensuse.security:def:26025	P	Security update for openexr (Moderate)	2021-04-07
oval:org.opensuse.security:def:33097	P	Security update for glib2 (Important)	2021-03-16
oval:org.opensuse.security:def:31738	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:32266	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:31737	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:32260	P	Security update for java-1_7_1-ibm (Important)	2021-02-18
oval:org.opensuse.security:def:31332	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:26084	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:26031	P	Security update for php74 (Moderate)	2021-01-14
oval:org.opensuse.security:def:26133	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:29395	P	Security update for openssh (Moderate)	2021-01-05
oval:org.opensuse.security:def:32829	P	Security update for openssl (Important)	2020-12-11
oval:org.opensuse.security:def:25975	P	Security update for openssl-1_0_0 (Important)	2020-12-09
oval:org.opensuse.security:def:25971	P	Security update for fontforge (Moderate)	2020-12-04
oval:org.opensuse.security:def:35904	P	ghostscript-fonts-other-8.62-32.34.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35554	P	ghostscript-fonts-other-8.62-32.27.31 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35706	P	ghostscript-fonts-other-8.62-32.28.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41961	P	ghostscript-fonts-other-8.62-32.27.31 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25258	P	Security update for postgresql10 (Low)	2020-12-01
oval:org.opensuse.security:def:25309	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:32317	P	Security update for rsync (Moderate)	2020-12-01
oval:org.opensuse.security:def:25784	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:32726	P	libpulse-browse0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27937	P	Security update for GraphicsMagick (Important)	2020-12-01
oval:org.opensuse.security:def:26589	P	libltdl7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26415	P	Security update for python-Django (Moderate)	2020-12-01
oval:org.opensuse.security:def:26903	P	ghostscript-fonts-other on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31383	P	Security update for openvpn (Important)	2020-12-01
oval:org.opensuse.security:def:31484	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:31784	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31928	P	Security update for giflib (Moderate)	2020-12-01
oval:org.opensuse.security:def:32480	P	MozillaFirefox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25269	P	Security update for libpng12 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25390	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:25682	P	Security update for wpa_supplicant (Moderate)	2020-12-01
oval:org.opensuse.security:def:25823	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:32770	P	perl-Tk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27938	P	Security update for GraphicsMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26385	P	Security update for go (Moderate)	2020-12-01
oval:org.opensuse.security:def:26638	P	squid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26459	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:31600	P	Security update for tightvnc (Important)	2020-12-01
oval:org.opensuse.security:def:31457	P	Security update for postgresql91	2020-12-01
oval:org.opensuse.security:def:31541	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:32037	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31950	P	Security update for grub2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32519	P	ghostscript-fonts-other on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25454	P	Security update for ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:25333	P	Security update for apache-commons-httpclient (Important)	2020-12-01
oval:org.opensuse.security:def:25447	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25735	P	Security update for exiv2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25837	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:33408	P	Security update for cobbler (Moderate)	2020-12-01
oval:org.opensuse.security:def:27949	P	Security update for GraphicsMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26244	P	Security update for openconnect (Moderate)	2020-12-01
oval:org.opensuse.security:def:26536	P	dbus-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26677	P	clamav on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27097	P	compat-libldap-2_3-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31601	P	Security update for tomcat6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31589	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:31825	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:31994	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25455	P	Security update for libjpeg-turbo (Important)	2020-12-01
oval:org.opensuse.security:def:25461	P	Security update for cpio (Moderate)	2020-12-01
oval:org.opensuse.security:def:25531	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:25936	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25881	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:33447	P	Security update for GhostScript	2020-12-01
oval:org.opensuse.security:def:31022	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:28013	P	Security update for apache2-mod_fcgid (Moderate)	2020-12-01
oval:org.opensuse.security:def:26301	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:28573	P	Security update for libgcrypt	2020-12-01
oval:org.opensuse.security:def:26691	P	enscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27132	P	ghostscript-fonts-other on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31981	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32632	P	apache2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25466	P	Security update for libxml2 (Low)	2020-12-01
oval:org.opensuse.security:def:25542	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:25834	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26519	P	PackageKit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31023	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:28143	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:28368	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:28622	P	Security update for xorg-x11-libxcb	2020-12-01
oval:org.opensuse.security:def:26735	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31947	P	Security update for gpg2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32671	P	ghostscript-fonts-other on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25683	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:25530	P	Security update for virglrenderer (Important)	2020-12-01
oval:org.opensuse.security:def:25599	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25989	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26554	P	ghostscript-fonts-other on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31034	P	Security update for jpeg (Low)	2020-12-01
oval:org.opensuse.security:def:28227	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:28520	P	Security update for openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:28661	P	Security update for file	2020-12-01
oval:org.opensuse.security:def:27373	P	avahi-compat-howl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31948	P	Security update for gpg2 (Important)	2020-12-01
oval:org.opensuse.security:def:31818	P	Security update for audiofile (Moderate)	2020-12-01
oval:org.opensuse.security:def:32054	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:32315	P	Security update for rsync (Moderate)	2020-12-01
oval:org.opensuse.security:def:25684	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:25658	P	Security update for liblouis (Low)	2020-12-01
oval:org.opensuse.security:def:25880	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:31108	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:28284	P	Security update for mysql (Important)	2020-12-01
oval:org.opensuse.security:def:28677	P	Security update for MozillaFirefox	2020-12-01
oval:org.opensuse.security:def:27408	P	ghostscript-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25105	P	Security update for ceph (Important)	2020-12-01
oval:org.opensuse.security:def:31959	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31910	P	Security update for fuse (Moderate)	2020-12-01
oval:org.opensuse.security:def:32354	P	Security update for squid3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25695	P	Security update for gcc9 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25739	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26671	P	apache2-mod_php53 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31476	P	Security update for puppet	2020-12-01
oval:org.opensuse.security:def:28721	P	Security update for kdirstat	2020-12-01
oval:org.opensuse.security:def:25106	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:32033	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31967	P	Security update for intel-SINIT (Important)	2020-12-01
oval:org.opensuse.security:def:32616	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32376	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:32868	P	ghostscript-fonts-other on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25959	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25759	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:25796	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:26313	P	Security update for python-requests (Moderate)	2020-12-01
oval:org.opensuse.security:def:26706	P	ghostscript-fonts-other on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31776	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25117	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32404	P	Security update for w3m (Moderate)	2020-12-01
oval:org.opensuse.security:def:32665	P	freetype2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32420	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:25960	P	Security update for gimp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25887	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:26362	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:26230	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:31389	P	Security update for orca (Moderate)	2020-12-01
oval:org.opensuse.security:def:31840	P	Security update for bsdtar (Important)	2020-12-01
oval:org.opensuse.security:def:31798	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:25257	P	Security update for apache2-mod_auth_openidc (Moderate)	2020-12-01
oval:org.opensuse.security:def:25181	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32560	P	libopenssl0_9_8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32704	P	libapr1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25968	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26260	P	Security update for Mesa (Moderate)	2020-12-01
oval:org.opensuse.security:def:26401	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26868	P	avahi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31392	P	Security update for pam-modules (Moderate)	2020-12-01
oval:org.opensuse.security:def:31889	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:31842	P	Security update for bzip2 (Important)	2020-12-01
oval:org.mitre.oval:def:29276	P	RHSA-2009:0421 -- ghostscript security update (Moderate)	2015-08-17
oval:org.mitre.oval:def:12360	P	DSA-2080-1 ghostscript -- several	2014-07-21
oval:org.mitre.oval:def:13192	P	USN-757-1 -- ghostscript, gs-esp, gs-gpl vulnerabilities	2014-06-30
oval:org.mitre.oval:def:22480	P	ELSA-2009:0421: ghostscript security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:11207	V	Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. NOTE: this issue exists because of an incomplete fix for CVE-2009-0583.	2013-04-29
oval:org.debian:def:2080	V	several vulnerabilities	2010-08-01
oval:com.redhat.rhsa:def:20090420	P	RHSA-2009:0420: ghostscript security update (Moderate)	2009-04-14
oval:com.redhat.rhsa:def:20090421	P	RHSA-2009:0421: ghostscript security update (Moderate)	2009-04-14

BACK