AskF5 Knowledge Base


sol9990: icclib vulnerabilities CVE-2009-0583 and CVE-2009-0584
Security Advisory

Original Publication Date: 04/21/2009
Updated Date: 02/08/2012

Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about F5's security policy regarding evaluating older and unsupported versions of F5 products, refer to SOL4602: Overview of F5 security vulnerability response policy.

F5 Networks products and versions that have been evaluated for this Security Advisory

Product                   Affected   Not Affected
BIG-IP LTM                10.0.0     9.x, 10.0.1, 10.1.x, 10.2.x, 11.x
BIG-IP GTM                10.0.0     9.x, 10.0.1, 10.1.x, 10.2.x, 11.x
BIG-IP ASM                10.0.0     9.x, 10.0.1, 10.1.x, 10.2.x, 11.x
BIG-IP Link Controller    10.0.0     9.x, 10.0.1, 10.1.x, 10.2.x, 11.x
BIG-IP WebAccelerator     10.0.0     9.x, 10.0.1, 10.1.0, 10.2.x, 11.x
BIG-IP PSM                10.0.0     9.x, 10.0.1, 10.1.x, 10.2.x, 11.x
BIG-IP WAN Optimization   10.0.0     10.0.1, 10.1.x, 10.2.x, 11.x
BIG-IP APM                None       10.1.x, 10.2.x, 11.x
BIG-IP Edge Gateway       None       10.1.x, 10.2.x, 11.x
BIG-IP Analytics          None       11.x
FirePass                  None       5.x, 6.x, 7.x
Enterprise Manager        None       1.x, 2.x
WANJet                    None       4.x, 5.x
WebAccelerator            None       5.x
ARX                       None       2.x, 3.x, 4.x, 5.x, 6.x

Description

Multiple integer overflow flaws which could lead to heap-based buffer overflows, as well as multiple insufficient input validation flaws, were found in Ghostscript's International Color Consortium Format library (icclib). Using specially-crafted ICC profiles, an attacker could create a malicious PostScript or PDF file with embedded images which could cause Ghostscript to crash or, potentially, execute arbitrary code when opened by the victim.
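The flaw class named above (an attacker-controlled count or size from an ICC profile that wraps when multiplied or added, so a heap buffer is allocated smaller than what is later written into it) is illustrated here with an added example that is not icclib's or F5's code: a tag-table walker that bounds every count and offset against the buffer before using it. The 128-byte header, 4-byte tag count and 12-byte tag entries follow the public ICC profile layout; the sample profile and the helper names are constructed for this example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* ICC profile layout (public ICC spec): 128-byte header, a 4-byte big-endian
 * tag count, then 12-byte tag entries (signature, data offset, data size). */
#define ICC_HEADER_LEN    128u
#define ICC_TAG_ENTRY_LEN  12u

static uint32_t rd_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

void icc_wr_be32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* Returns the number of tag entries whose table slot and data both lie inside
 * buf, or -1 if the profile is malformed. Each value is compared against the
 * remaining length before it is used, so neither count * 12 nor off + size is
 * ever computed in a way that can wrap; that wrap is the integer-overflow
 * pattern that turns into a heap overflow once the result sizes a malloc. */
long icc_count_valid_tags(const uint8_t *buf, size_t len) {
    if (len < ICC_HEADER_LEN + 4) return -1;             /* no room for a count */
    uint32_t count = rd_be32(buf + ICC_HEADER_LEN);
    size_t table_off = ICC_HEADER_LEN + 4;
    if (count > (len - table_off) / ICC_TAG_ENTRY_LEN) return -1; /* table too big */
    for (uint32_t i = 0; i < count; i++) {
        const uint8_t *e = buf + table_off + (size_t)i * ICC_TAG_ENTRY_LEN;
        uint32_t off = rd_be32(e + 4), size = rd_be32(e + 8);
        if (off > len || size > len - off) return -1;    /* data outside profile */
    }
    return (long)count;
}

/* Constructed sample profile (not a real ICC file): zeroed header, `count`
 * entries all pointing at (off, size), zero-padded to `total` bytes.
 * Returns total, or 0 if the table would not fit. */
size_t icc_build_sample(uint8_t *out, size_t total, uint32_t count,
                        uint32_t off, uint32_t size) {
    if (count > (SIZE_MAX - ICC_HEADER_LEN - 4) / ICC_TAG_ENTRY_LEN) return 0;
    size_t need = ICC_HEADER_LEN + 4 + (size_t)count * ICC_TAG_ENTRY_LEN;
    if (need > total) return 0;
    memset(out, 0, total);
    icc_wr_be32(out + ICC_HEADER_LEN, count);
    for (uint32_t i = 0; i < count; i++) {
        uint8_t *e = out + ICC_HEADER_LEN + 4 + (size_t)i * ICC_TAG_ENTRY_LEN;
        memcpy(e, "desc", 4);
        icc_wr_be32(e + 4, off);
        icc_wr_be32(e + 8, size);
    }
    return total;
}
```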

Information about this advisory is available at the following locations:

Note: These links take you to a resource outside of AskF5, and it is possible that the documents may be removed without our knowledge.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0583

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0584

F5 Product Development tracked this issue as CR118548 and CR119796, and it was fixed in BIG-IP versions 9.4.7 and 10.0.1. For more information about upgrading, refer to the BIG-IP LTM, ASM, GTM, Link Controller, PSM, or WebAccelerator release notes.

Additionally, this issue was fixed in BIGIP-10.0.0-5514.0-HF2 for BIG-IP version 10.0.0. You may download this hotfix or later versions of the hotfix from the F5 Downloads site.

To view a list of the latest available hotfixes, refer to SOL9502: BIG-IP hotfix matrix.

For information about installing a hotfix, refer to SOL10025: Managing F5 product hotfixes for BIG-IP version 10.x systems.

For information about the F5 hotfix policy, refer to SOL4918: Overview of F5 critical issue hotfix policy.
