97 matches found
CVE-2009-0793
cmsxform.c in LittleCMS aka lcms or liblcms 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."...
CVE-2009-0793
cmsxform.c in LittleCMS aka lcms or liblcms 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."...
CVE-2009-0793
cmsxform.c in LittleCMS aka lcms or liblcms 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."...
CVE-2009-0793
CVE-2009-0793 affects LittleCMS (lcms) 1.18, specifically cmsxform.c handling transformations of monochrome profiles. The issue enables a remote attacker to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers incorrect code execution in mon...
java security update
CentOS Errata and Security Advisory CESA-2009:0377 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. These packages provide th...
RHEL 5 : java-1.6.0-openjdk (RHSA-2009:0377)
Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJD...
lcms: Null pointer dereference (DoS) by handling transformations of monochrome profiles
cmsxform.c in LittleCMS aka lcms or liblcms 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."...
LittleCms integer overflow
Multiple integer overflows in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained fr...
LittleCms lack of upper-bounds check on sizes
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for th...
LittleCms memory leak
Memory leak in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted image file...
USN-744-1: LittleCMS vulnerabilities
Chris Evans discovered that LittleCMS did not properly handle certain error conditions, resulting in a large memory leak. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could cause a denial of service. CVE-2009-0581 Chris Evans...
CVE-2009-0733
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for th...
CVE-2009-0723
Multiple integer overflows in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained fr...
CVE-2009-0581
Memory leak in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted image file...
Integer overflow
Multiple integer overflows in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained fr...
Stack overflow
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for th...
CVE-2009-0733
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for th...
CVE-2009-0723
Multiple integer overflows in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained fr...
CVE-2009-0581
Memory leak in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted image file...
Memory corruption
Memory leak in LittleCMS aka lcms or liblcms before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service memory consumption and application crash via a crafted image file...