19 matches found
JLSEC-2026-490
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...
EUVD-2018-8275
Malware in sbrugna...
SUSE CVE-2018-16435
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...
GLSA-202105-18 : LittleCMS: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-202105-18 LittleCMS: User-assisted execution of arbitrary code It was discovered that LittleCMS aka Little Color Management System had an integer overflow in the AllocateDataSet function in cmscgats.c. Impact : A remote attacker...
LittleCMS: User-assisted execution of arbitrary code
Background LittleCMS, or short lcms, is a color management system for working with ICC profiles. It is used by many applications including GIMP, Firefox and Chromium. Description It was discovered that LittleCMS aka Little Color Management System had an integer overflow in the AllocateDataSet...
CVE-2018-16435
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...
SUSE SLED12 / SLES12 Security Update : lcms2 (SUSE-SU-2018:3545-1)
This update for lcms2 fixes the following security issues : CVE-2016-10165: The TypeMLURead function allowed remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggered an out-of-bounds heap read bsc1021364. CVE-2018-16435...
lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...
Denial Of Service (DoS)
liblcms2.so is vulnerable to denial of service. The vulnerability exists in the AllocateDataSet function of cmscgats.c because of not limiting the size of the Data from integer multiplication, leading to an attack if a malicious IT8 calibration file is passed to the second argument to...
CVE-2018-16435
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...
DEBIAN-CVE-2018-16435
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...
CVE-2018-16435
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...
ALPINE-CVE-2018-16435
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...
Integer overflow
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...
CVE-2018-16435
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...
CVE-2018-16435
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...
CVE-2018-16435
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...
CVE-2018-16435
CVE-2018-16435 affects Little CMS 2.9, where an integer overflow in cmscgats.c:AllocateDataSet enables a heap-based buffer overflow in SetData when processing a crafted file in cmsIT8LoadFromFile. No exploitation details are provided in the documents beyond the overflow risk. Remediation: upgrade...
CVE-2018-16435
Little CMS aka Little Color Management System 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile...