Page 3 of 11 results (0.007 seconds)

CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2

Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions. Múltiples desbordamientos de búfer basados en pila en la función ReadSetOfCurves en LittleCMS (alias LCMS o liblcms) antes de la versión 1.18beta2, tal y como se usa en Firefox 3.1beta, OpenJDK, y GIMP, permiten ejecutar código arbitrario, a atacantes dependientes de contexto, a través de un archivo de imagen modificado con valores de enteros demasiado grandes en el (1) canal de entrada o (2) canal de salida, en relación con las funciones ReadLUT_A2B y ReadLUT_B2A. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://scary.beasts.org/security/CESA-2009-003.html http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html http://secunia.com/advisories/34367 http://secunia.com/advisories/34382 http://secunia.com/advisories/34400 http://secunia.com/advisories/34408 http://secunia.com/advisories/34418 http://secunia.com/advisories/34442 http://secunia.com/advisories/34450 http://secunia.com/advisories/34454&# • CWE-787: Out-of-bounds Write •