Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

littlecms lcms vulnerabilities and exploits

(subscribe to this query)
9.3
CVSSv2
CVE-2007-2741
Stack-based buffer overflow in Little CMS (lcms) prior to 1.15 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file.
Littlecms Lcms 1.07Littlecms Lcms 1.13Littlecms LcmsLittlecms Lcms 1.11Littlecms Lcms 1.12Littlecms Lcms 1.08Littlecms Lcms 1.09Littlecms Lcms 1.10
10
CVSSv2
CVE-2008-5316
Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) prior to 1.16 allows malicious users to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a...
Littlecms Lcms 1.08Littlecms Lcms 1.07Littlecms Lcms 1.10Littlecms Lcms 1.09Littlecms Little Cms Color Engine 1.09Littlecms Little Cms Color Engine 1.08Littlecms Lcms 1.14Littlecms Lcms 1.13Littlecms Little Cms Color Engine 1.14Littlecms Little Cms Color Engine 1.13Littlecms Little Cms Color Engine 1.12Littlecms LcmsLittlecms Lcms 1.12Littlecms Lcms 1.11Littlecms Little Cms Color Engine 1.11Littlecms Little Cms Color Engine 1.10Littlecms Little Cms Color Engine 1.07Littlecms Little Cms Color Engine
10
CVSSv2
CVE-2008-5317
Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) prior to 1.17 allows malicious users to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, lead...
Littlecms Lcms 1.08Littlecms Lcms 1.07Littlecms Little Cms Color Engine 1.14Littlecms Little Cms Color Engine 1.07Littlecms Little Cms Color Engine 1.15Littlecms Lcms 1.12Littlecms Lcms 1.11Littlecms Little Cms Color Engine 1.11Littlecms Little Cms Color Engine 1.10Littlecms LcmsLittlecms Lcms 1.14Littlecms Lcms 1.13Littlecms Little Cms Color Engine 1.13Littlecms Little Cms Color Engine 1.12Littlecms Lcms 1.15Littlecms Little Cms Color EngineLittlecms Lcms 1.10Littlecms Lcms 1.09Littlecms Little Cms Color Engine 1.09Littlecms Little Cms Color Engine 1.08
4.3
CVSSv2
CVE-2009-0793
cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transform...
Sun Openjdk 6Littlecms Lcms 1.18
4.3
CVSSv2
CVE-2013-4276
Multiple stack-based buffer overflows in LittleCMS (aka lcms or liblcms) 1.19 and previous versions allow remote malicious users to cause a denial of service (crash) via a crafted (1) ICC color profile to the icctrans utility or (2) TIFF image to the tiffdiff utility.
Littlecms Little Cms Color Engine 1.17Littlecms Little Cms Color Engine 1.11Littlecms Little Cms Color Engine 1.12Littlecms Little Cms Color Engine 1.09Littlecms Little Cms Color Engine 1.10Littlecms Little Cms Color Engine 1.07Littlecms Little Cms Color Engine 1.08Littlecms Little Cms Color Engine 1.15Littlecms Little Cms Color Engine 1.16Littlecms Little Cms Color Engine 1.18Littlecms Little Cms Color EngineLittlecms Little Cms Color Engine 1.13Littlecms Little Cms Color Engine 1.14
4.3
CVSSv2
CVE-2009-0581
Memory leak in LittleCMS (aka lcms or liblcms) prior to 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent malicious users to cause a denial of service (memory consumption and application crash) via a crafted image file.
Littlecms Little CmsMozilla Firefox 3.1Gimp GimpSun Openjdk
9.3
CVSSv2
CVE-2009-0723
Multiple integer overflows in LittleCMS (aka lcms or liblcms) prior to 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent malicious users to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of th...
Gimp GimpMozilla Firefox 3.1Sun OpenjdkLittlecms Little Cms
9.3
CVSSv2
CVE-2009-0733
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) prior to 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent malicious users to execute arbitrary code via a crafted image file associated with a...
Gimp GimpMozilla Firefox 3.1Sun OpenjdkLittlecms Little Cms
4.3
CVSSv2
CVE-2018-16435
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.
Littlecms Little Cms Color Engine 2.9Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Redhat Enterprise Linux Server 6.0Redhat Enterprise Linux Desktop 6.0Redhat Enterprise Linux Workstation 6.0Debian Debian Linux 8.0Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook