CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2018-16435 – lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2018-16435
04 Sep 2018 — Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. Little CMS (también conocido como Little Color Management System) 2.9 tiene un desbordamiento de enteros en la función AllocateDataSet en cmscgats.c que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función SetData mediante un ar... • https://access.redhat.com/errata/RHSA-2018:3004 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-11555
https://notcve.org/view.php?id=CVE-2018-11555
30 May 2018 — tificc in Little CMS 2.9 has an out-of-bounds write in the PrecalculatedXFORM function in cmsxform.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a vulnerability because the issue is based on an sample program using LIBTIFF and do not apply to the lcms2 library, lcms2 does not depends on LIBTIFF other than to build sample programs, and the issue cannot be reproduced on the lcms2 library.” ** EN DISPUTA ** tificc en Little CMS versión 2.9 tiene una escritura fuera de lí... • https://github.com/mm2/Little-CMS/issues/167 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-11556
https://notcve.org/view.php?id=CVE-2018-11556
30 May 2018 — tificc in Little CMS 2.9 has an out-of-bounds write in the cmsPipelineCheckAndRetreiveStages function in cmslut.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a vulnerability because the issue is based on an sample program using LIBTIFF and do not apply to the lcms2 library, lcms2 does not depends on LIBTIFF other than to build sample programs, and the issue cannot be reproduced on the lcms2 library.” ** EN DISPUTA ** tificc en Little CMS versión 2.9 tiene una escritur... • https://github.com/mm2/Little-CMS/issues/167 • CWE-787: Out-of-bounds Write •