Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-652-1
HistoryOct 14, 2008 - 12:00 a.m.

LittleCMS vulnerability

2008-10-1400:00:00
ubuntu.com
27

9.9 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.044 Low

EPSS

Percentile

92.4%

JSON

Releases

  • Ubuntu 6.06

Packages

  • lcms -

Details

Chris Evans discovered that certain ICC operations in lcms were not
correctly bounds-checked. If a user or automated system were tricked
into processing an image with malicious ICC tags, a remote attacker could
crash applications linked against liblcms1, leading to a denial of service,
or possibly execute arbitrary code with user privileges.

OSVersionArchitecturePackageVersionFilename
Ubuntu6.06noarchliblcms1< 1.13-1ubuntu0.1UNKNOWN
Ubuntu6.06noarchliblcms-utils< 1.13-1ubuntu0.1UNKNOWN
Ubuntu6.06noarchliblcms1-dev< 1.13-1ubuntu0.1UNKNOWN

Related

openvas 19
nessus 12
redhat 1
oraclelinux 1
debian 2
centos 1
prion 3
nvd 3
cvelist 3
ubuntucve 3
osv 1
ubuntu 1
securityvulns 5
cve 3
redhatcve 1
gentoo 2
openvas
openvas
Ubuntu: Security Advisory (USN-652-1)
2009-03-23 00:00:00
RedHat Security Advisory RHSA-2009:0011
2009-01-07 00:00:00
CentOS Security Advisory CESA-2009:0011 (lcms)
2009-01-13 00:00:00
nessus
nessus
Ubuntu 6.06 LTS : lcms vulnerability (USN-652-1)
2009-04-23 00:00:00
Oracle Linux 5 : lcms (ELSA-2009-0011)
2013-07-12 00:00:00
Debian DSA-1684-1 : lcms - multiple vulnerabilities
2008-12-10 00:00:00
redhat
redhat
(RHSA-2009:0011) Moderate: lcms security update
2009-01-07 00:00:00
oraclelinux
oraclelinux
lcms security update
2009-01-07 00:00:00
debian
debian
[SECURITY] [DSA 1684-1] New lcms packages fix multiple vulnerabilities
2008-12-10 07:51:43
[SECURITY] [DSA 1684-1] New lcms packages fix multiple vulnerabilities
2008-12-10 07:51:43
centos
centos
lcms, python security update
2009-01-08 16:02:58
prion
prion
Buffer overflow
2008-12-03 17:30:00
Integer overflow
2008-12-03 17:30:00
Stack overflow
2007-05-17 19:30:00
nvd
nvd
CVE-2008-5316
2008-12-03 17:30:00
CVE-2008-5317
2008-12-03 17:30:00
CVE-2007-2741
2007-05-17 19:30:00
cvelist
cvelist
CVE-2008-5316
2008-12-03 17:00:00
CVE-2008-5317
2008-12-03 17:00:00
CVE-2007-2741
2007-05-17 19:00:00
ubuntucve
ubuntucve
CVE-2008-5316
2008-12-03 00:00:00
CVE-2007-2741
2007-05-17 00:00:00
CVE-2008-5317
2008-12-03 00:00:00
osv
osv
lcms - multiple vulnerabilities
2008-12-10 00:00:00
ubuntu
ubuntu
LittleCMS vulnerability
2008-12-17 00:00:00
securityvulns
securityvulns
lcms multiple security vulnerabilities
2008-12-12 00:00:00
[USN-693-1] LittleCMS vulnerability
2008-12-18 00:00:00
[ MDKSA-2007:238 ] - Updated liblcms package fixes buffer overflow
2007-12-07 00:00:00
cve
cve
CVE-2008-5316
2008-12-03 17:30:00
CVE-2007-2741
2007-05-17 19:30:00
CVE-2008-5317
2008-12-03 17:30:00
redhatcve
redhatcve
CVE-2007-2741
2015-10-30 10:05:42
gentoo
gentoo
AMD64 x86 emulation base libraries: Multiple vulnerabilities
2014-12-12 00:00:00
Multiple packages, Multiple vulnerabilities fixed in 2010
2014-12-11 00:00:00

9.9 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.044 Low

EPSS

Percentile

92.4%

JSON
Related for USN-652-1
openvas19nessus12redhat1oraclelinux1debian2centos1prion3nvd3cvelist3ubuntucve3osv1ubuntu1securityvulns5cve3redhatcve1gentoo2