Lucene search

PRIOn knowledge basePRION:CVE-2008-5317

HistoryDec 03, 2008 - 5:30 p.m.

Integer overflow

2008-12-0317:30:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

84.7%

JSON

Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain “number of entries” value, which is interpreted improperly, leading to an allocation of insufficient memory.

CPENameOperatorVersion
lcmsle1.16
lcmseq1.08
lcmseq1.14
lcmseq1.15
lcmseq1.07
lcmseq1.13
lcmseq1.12
lcmseq1.11
lcmseq1.10
lcmseq1.09

Name	Operator	Version
lcms	le	1.16
lcms	eq	1.08
lcms	eq	1.14
lcms	eq	1.15
lcms	eq	1.07
lcms	eq	1.13
lcms	eq	1.12
lcms	eq	1.11
lcms	eq	1.10
lcms	eq	1.09

Rows per page:

1-10 of 201

References

lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsgamma.c?view=diff&r1=1.16&r2=1.17

secunia.com/advisories/33066

secunia.com/advisories/33219

www.debian.org/security/2008/dsa-1684

www.openwall.com/lists/oss-security/2008/11/28/3

www.redhat.com/support/errata/RHSA-2009-0011.html

www.securityfocus.com/bid/32708

exchange.xforce.ibmcloud.com/vulnerabilities/47120

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10685

usn.ubuntu.com/693-1/

6.4 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

84.7%

JSON

Related for PRION:CVE-2008-5317