OESA-2026-2326 lcms2 security update

LittleCMS intends to be an OPEN SOURSE small-footprint color management engine,with special focus on accuracy and performence.It uses the International Color Consortium standard ICC, which is the modern standard when regarding to color management. The ICC specification is widely used and is...

OESA-2026-2325 lcms2 security update

LittleCMS intends to be an OPEN SOURSE small-footprint color management engine,with special focus on accuracy and performence.It uses the International Color Consortium standard ICC, which is the modern standard when regarding to color management. The ICC specification is widely used and is...

[SECURITY] [DSA 6262-1] lcms2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6262-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 10, 2026 https://www.debian.org/security/faq -...

Debian dla-4568 : liblcms2-2 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4568 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4568-1 [email protected] https://www.debian.org/lts/security/...

MiracleLinux 3 : lcms-1.15-1.2.2AXS3.2 (AXSA:2009-05:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-05:01 advisory. LittleCMS intends to be a small-footprint, speed optimized color management engine in open source form. Bugs fixed: CVE-2008-5316 Buffer overflow in t...

MiracleLinux 3 : lcms-1.18-0.1.beta1AXS3.2 (AXSA:2009-30:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-30:02 advisory. LittleCMS intends to be a small-footprint, speed optimized color management engine in open source form. Bugs fixed: CVE-2009-0581 Memory leak in...

EUVD-2009-0584

Malware in sbrugna...

EUVD-2013-4175

Malware in sbrugna...

EUVD-2009-0723

Malware in sbrugna...

EUVD-2009-0733

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2009-0793

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cmsxform.c in LittleCMS aka lcms or liblcms 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service NULL pointer...

SUSE CVE-2009-0581

Memory leak in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted image file...

SUSE CVE-2009-0723

Multiple integer overflows in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained fr...

SUSE CVE-2009-0733

Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for th...

SUSE CVE-2009-0793

cmsxform.c in LittleCMS aka lcms or liblcms 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."...

SUSE CVE-2013-4276

Multiple stack-based buffer overflows in LittleCMS aka lcms or liblcms 1.19 and earlier allow remote attackers to cause a denial of service crash via a crafted 1 ICC color profile to the icctrans utility or 2 TIFF image to the tiffdiff utility...

GLSA-202105-18 : LittleCMS: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-202105-18 LittleCMS: User-assisted execution of arbitrary code It was discovered that LittleCMS aka Little Color Management System had an integer overflow in the AllocateDataSet function in cmscgats.c. Impact : A remote attacker...

LittleCMS: User-assisted execution of arbitrary code

Background LittleCMS, or short lcms, is a color management system for working with ICC profiles. It is used by many applications including GIMP, Firefox and Chromium. Description It was discovered that LittleCMS aka Little Color Management System had an integer overflow in the AllocateDataSet...

Denial Of Service (DoS)

java is vulnerable to denial of service DoS. The vulnerability exists as a null pointer dereference flaw was found in LittleCMS. An application using color profiles could crash while converting a specially-crafted image file...

SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2018:1938-2)

This update for java-180-openjdk to version 8u171 fixes the following issues: These security issues were fixed : - S8180881: Better packaging of deserialization - S8182362: Update CipherOutputStream Usage - S8183032: Upgrade to LittleCMS 2.9 - S8189123: More consistent classloading - S8189969,...