oval:org.mitre.oval:def:22480

Definition Id: oval:org.mitre.oval:def:22480

Oval ID:	oval:org.mitre.oval:def:22480
Title:	ELSA-2009:0421: ghostscript security update (Moderate)
Description:	Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. NOTE: this issue exists because of an incomplete fix for CVE-2009-0583.
Family:	unix	Class:	patch
Reference(s):	ELSA-2009:0421-01 CVE-2007-6725 CVE-2008-6679 CVE-2009-0196 CVE-2009-0792	Version:	21
Platform(s):	Oracle Linux 5	Product(s):	ghostscript
Definition Synopsis:
Oracle Linux 5.x rpm test ghostscript-gtk is earlier than 0:8.15.2-9.4.el5_3.7 AND ghostscript is earlier than 0:8.15.2-9.4.el5_3.7 AND ghostscript-devel is earlier than 0:8.15.2-9.4.el5_3.7

Definition Id: oval:org.mitre.oval:def:15459

Oval ID:	oval:org.mitre.oval:def:15459
Title:	Oracle Linux 5.x
Description:	The operating system installed on the system is Oracle Linux 5.x
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:oracle:linux:5	Version:	7
Platform(s):	Oracle Linux 5	Product(s):
Definition Synopsis:
the installed operating system is part of the Unix family AND Oracle Linux 5.x is installed
Referenced By:
oval:org.mitre.oval:def:22480