CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2018-16435 – lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2018-16435
04 Sep 2018 — Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. Little CMS (también conocido como Little Color Management System) 2.9 tiene un desbordamiento de enteros en la función AllocateDataSet en cmscgats.c que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en la función SetData mediante un ar... • https://access.redhat.com/errata/RHSA-2018:3004 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 58EXPL: 0CVE-2016-10165 – lcms2: Out-of-bounds read in Type_MLU_Read()
https://notcve.org/view.php?id=CVE-2016-10165
03 Feb 2017 — The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. La función Type_MLU_Read en cmstypes.c en Little CMS (también conocido como lcms2) permite a atacantes remotos obtener información sensible o provocar una denegación de servicio a través de una imagen con un perfil ICC manipulado, lo que desencadena una lectura de memoria din... • http://lists.opensuse.org/opensuse-updates/2017-01/msg00174.html • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 15%CPEs: 6EXPL: 0CVE-2013-7455 – Ubuntu Security Notice USN-2961-1
https://notcve.org/view.php?id=CVE-2013-7455
05 May 2016 — Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler. Vulnerabilidad de liberación doble de memoria en la función DefaultICCintents en cmscnvrt.c en liblcms2 en Little CMS 2.x en versiones anteriores a 2.6 permite a atacantes remotos ejecutar código arbitrario a través de un perfil ICC mal formado que desencadena un e... • http://www.kb.cert.org/vuls/id/369800 •
CVSS: 5.5EPSS: 2%CPEs: 13EXPL: 0CVE-2013-4276 – Gentoo Linux Security Advisory 201412-46
https://notcve.org/view.php?id=CVE-2013-4276
27 Aug 2013 — Multiple stack-based buffer overflows in LittleCMS (aka lcms or liblcms) 1.19 and earlier allow remote attackers to cause a denial of service (crash) via a crafted (1) ICC color profile to the icctrans utility or (2) TIFF image to the tiffdiff utility. Múltiples vulnerabilidades buffer overflow de pila en LittleCMS (tambien conocido como lcms o liblcms) 1.19 y anteriores, permite a un atacante remoto causar una denegación de servicio (caída) a través de (1) un perfil ICC color manipulado en la utilidad icct... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718682 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 0CVE-2013-4160 – Ubuntu Security Notice USN-1911-1
https://notcve.org/view.php?id=CVE-2013-4160
29 Jul 2013 — Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed. Little CMS (lcms2) anterior a la versión 2.5, tal como se usa en OpenJDK 7 y posiblemente otros productos, permite a a atacantes remotos provocar una denegación de servicio (dereferencia a ... • http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-July/023895.html •
CVSS: 10.0EPSS: 1%CPEs: 18EXPL: 2CVE-2008-5316 – lcms: insufficient input validation in ReadEmbeddedTextTag
https://notcve.org/view.php?id=CVE-2008-5316
03 Dec 2008 — Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a different vulnerability than CVE-2007-2741. Desbordamiento de búfer en la función ReadEmbeddedTextTag en src/cmsio1.c en el motor de color Little cms (alias lcms), versiones anteriores a 1.16 que permite a los atacantes remotos conseguir un desconoc... • http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsio1.c?r1=1.33&r2=1.34 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 20EXPL: 0CVE-2008-5317 – lcms: unsigned -> signed integer cast issue in cmsAllocGamma
https://notcve.org/view.php?id=CVE-2008-5317
03 Dec 2008 — Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient memory. Error de presencia de signo en entero en la función cmsAllocGamma en src/cmsgamma.c en Little cms color engine (alias lcms) en versiones anteriores a 1.17 que permite a los atacantes tener un impacto desco... • http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsgamma.c?view=diff&r1=1.16&r2=1.17 • CWE-189: Numeric Errors •