2 matches found
Denial Of Service (DoS)
liblcms2.so is vulnerable to denial of service. The vulnerability exists in the AllocateDataSet function of cmscgats.c because of not limiting the size of the Data from integer multiplication, leading to an attack if a malicious IT8 calibration file is passed to the second argument to...
Debian DSA-4284-1 : lcms2 - security update
Quang Nguyen discovered an integer overflow in the Little CMS 2 colour management library, which could result in denial of service and potentially the execution of arbitrary code if a malformed IT8 calibration file is processed. C Tenable Network Security, Inc. The descriptive text and package...