CVSS: 4.3EPSS: 5%CPEs: 2EXPL: 0CVE-2009-0793 – lcms: Null pointer dereference (DoS) by handling transformations of monochrome profiles
https://notcve.org/view.php?id=CVE-2009-0793
cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles." cmsxform.c en LittleCMS (también conocido como lcms o liblcms) v1.18, con el utilizado en OpenJDK y otros productos, permite a atacantes remotos provocar una denegación de servicio (desreferenciación de puntero nulo y caída de aplicación) a través de una imagen manipulada que provoca la ejecución de código incorrecto para "transformación de perfiles monocromos". • http://secunia.com/advisories/34623 http://secunia.com/advisories/34632 http://secunia.com/advisories/34634 http://secunia.com/advisories/34635 http://secunia.com/advisories/34675 http://secunia.com/advisories/34782 http://secunia.com/advisories/35048 http://secunia.com/advisories/42870 http://security.gentoo.org/glsa/glsa-200904-19.xml http://www.debian.org/security/2009/dsa-1769 http://www.mandriva.com/security/advisories?name=MDVSA-2009:121 http://www.mandriva.com/ • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2009-0723 – LittleCms integer overflow
https://notcve.org/view.php?id=CVE-2009-0723
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. Múltiples desbordamientos de enteros en LittleCMS (también conocido como lcms o liblcms) anteriores a v1.18beta2, como el utilizado en Firefox v3.1beta, OpenJDK, y GIMP, permiten a atacantes dependientes de contexto ejecutar código arbitrario a través de un fichero de imagen manipulado, que provoca un desbordamiento de buffer basada en montículo. NOTA: algunos de estos detalles son obtenidos de información de terceras personas. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://scary.beasts.org/security/CESA-2009-003.html http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html http://secunia.com/advisories/34367 http://secunia.com/advisories/34382 http://secunia.com/advisories/34400 http://secunia.com/advisories/34408 http://secunia.com/advisories/34418 http://secunia.com/advisories/34442 http://secunia.com/advisories/34450 http://secunia.com/advisories/34454&# • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 2CVE-2009-0733 – LittleCms lack of upper-bounds check on sizes
https://notcve.org/view.php?id=CVE-2009-0733
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions. Múltiples desbordamientos de búfer basados en pila en la función ReadSetOfCurves en LittleCMS (alias LCMS o liblcms) antes de la versión 1.18beta2, tal y como se usa en Firefox 3.1beta, OpenJDK, y GIMP, permiten ejecutar código arbitrario, a atacantes dependientes de contexto, a través de un archivo de imagen modificado con valores de enteros demasiado grandes en el (1) canal de entrada o (2) canal de salida, en relación con las funciones ReadLUT_A2B y ReadLUT_B2A. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://scary.beasts.org/security/CESA-2009-003.html http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html http://secunia.com/advisories/34367 http://secunia.com/advisories/34382 http://secunia.com/advisories/34400 http://secunia.com/advisories/34408 http://secunia.com/advisories/34418 http://secunia.com/advisories/34442 http://secunia.com/advisories/34450 http://secunia.com/advisories/34454&# • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 2CVE-2009-0581 – LittleCms memory leak
https://notcve.org/view.php?id=CVE-2009-0581
Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file. Fuga de memoria en versiones de LittleCMS (alias LCMS o liblcms) anteriores a la 1.18beta2, tal como se utiliza en Firefox 3.1beta, OpenJDK, y el GIMP, permite causar, a atacantes dependientes de contexto, una denegación de servicio (mediante consumo de memoria y caida de la aplicación) a través de un archivo de imagen debidamente modificado. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://scary.beasts.org/security/CESA-2009-003.html http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html http://secunia.com/advisories/34367 http://secunia.com/advisories/34382 http://secunia.com/advisories/34400 http://secunia.com/advisories/34408 http://secunia.com/advisories/34418 http://secunia.com/advisories/34442 http://secunia.com/advisories/34450 http://secunia.com/advisories/34454&# • CWE-401: Missing Release of Memory after Effective Lifetime •