CVE-2009-0793
cmsxform.c in LittleCMS aka lcms or liblcms 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."...