4 matches found
CVE-2009-0793
CVE-2009-0793 affects LittleCMS (lcms) 1.18, specifically cmsxform.c handling transformations of monochrome profiles. The issue enables a remote attacker to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers incorrect code execution in mon...
CVE-2008-5316
CVE-2008-5316 affects the LittleCMS color engine (lcms) prior to version 1.16. A buffer overflow is triggered in the ReadEmbeddedTextTag function (cmsio1.c) due to a length parameter inconsistency involving the input file. The impact is described as unknown in the provided document, and no exploi...
CVE-2007-2741
CVE-2007-2741 attests a stack-based buffer overflow in Little CMS (lcms) prior to 1.15. A crafted ICC profile embedded in a JPG can trigger remote code execution or cause an application crash/DoS. Affected software is Little CMS; root cause is a overflow in handling ICC profiles in JPEG input. Th...
CVE-2008-5317
LittleCMS (lcms) vulnerability CVE-2008-5317: In cmsAllocGamma() of src/cmsgamma.c, integer signedness error before 1.17 can cause an under-allocated memory allocation when parsing a file with a specific number of entries. This could lead to memory corruption or related failures. Affected version...