Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
littlecms vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2007-2741
Stack-based buffer overflow in Little CMS (lcms) prior to 1.15 allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file.
Littlecms Lcms 1.07
Littlecms Lcms 1.13
Littlecms Lcms
Littlecms Lcms 1.11
Littlecms Lcms 1.12
Littlecms Lcms 1.08
Littlecms Lcms 1.09
Littlecms Lcms 1.10
10
CVSSv2
CVE-2008-5316
Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) prior to 1.16 allows malicious users to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a...
Littlecms Lcms 1.08
Littlecms Lcms 1.07
Littlecms Lcms 1.10
Littlecms Lcms 1.09
Littlecms Little Cms Color Engine 1.09
Littlecms Little Cms Color Engine 1.08
Littlecms Lcms 1.14
Littlecms Lcms 1.13
Littlecms Little Cms Color Engine 1.14
Littlecms Little Cms Color Engine 1.13
Littlecms Little Cms Color Engine 1.12
Littlecms Lcms
Littlecms Lcms 1.12
Littlecms Lcms 1.11
Littlecms Little Cms Color Engine 1.11
Littlecms Little Cms Color Engine 1.10
Littlecms Little Cms Color Engine 1.07
Littlecms Little Cms Color Engine
10
CVSSv2
CVE-2008-5317
Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) prior to 1.17 allows malicious users to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, lead...
Littlecms Lcms 1.08
Littlecms Lcms 1.07
Littlecms Little Cms Color Engine 1.14
Littlecms Little Cms Color Engine 1.07
Littlecms Little Cms Color Engine 1.15
Littlecms Lcms 1.12
Littlecms Lcms 1.11
Littlecms Little Cms Color Engine 1.11
Littlecms Little Cms Color Engine 1.10
Littlecms Lcms
Littlecms Lcms 1.14
Littlecms Lcms 1.13
Littlecms Little Cms Color Engine 1.13
Littlecms Little Cms Color Engine 1.12
Littlecms Lcms 1.15
Littlecms Little Cms Color Engine
Littlecms Lcms 1.10
Littlecms Lcms 1.09
Littlecms Little Cms Color Engine 1.09
Littlecms Little Cms Color Engine 1.08
5
CVSSv2
CVE-2013-4160
Little CMS (lcms2) prior to 2.5, as used in OpenJDK 7 and possibly other products, allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSeque...
Littlecms Little Cms Color Engine 1.13
Littlecms Little Cms Color Engine 1.12
Littlecms Little Cms Color Engine 1.11
Littlecms Little Cms Color Engine 1.19
Littlecms Little Cms Color Engine 1.18
Littlecms Little Cms Color Engine 2.2
Littlecms Little Cms Color Engine 2.3
Littlecms Little Cms Color Engine
Littlecms Little Cms Color Engine 1.10
Littlecms Little Cms Color Engine 1.09
Littlecms Little Cms Color Engine 1.16
Littlecms Little Cms Color Engine 1.14
Littlecms Little Cms Color Engine 1.07
Littlecms Little Cms Color Engine 2.1
Littlecms Little Cms Color Engine 1.17
Littlecms Little Cms Color Engine 1.15
Littlecms Little Cms Color Engine 1.08
Littlecms Little Cms Color Engine 2.0
4.3
CVSSv2
CVE-2013-4276
Multiple stack-based buffer overflows in LittleCMS (aka lcms or liblcms) 1.19 and previous versions allow remote malicious users to cause a denial of service (crash) via a crafted (1) ICC color profile to the icctrans utility or (2) TIFF image to the tiffdiff utility.
Littlecms Little Cms Color Engine 1.17
Littlecms Little Cms Color Engine 1.11
Littlecms Little Cms Color Engine 1.12
Littlecms Little Cms Color Engine 1.09
Littlecms Little Cms Color Engine 1.10
Littlecms Little Cms Color Engine 1.07
Littlecms Little Cms Color Engine 1.08
Littlecms Little Cms Color Engine 1.15
Littlecms Little Cms Color Engine 1.16
Littlecms Little Cms Color Engine 1.18
Littlecms Little Cms Color Engine
Littlecms Little Cms Color Engine 1.13
Littlecms Little Cms Color Engine 1.14
10
CVSSv2
CVE-2013-7455
Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x prior to 2.6 allows remote malicious users to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler.
Littlecms Little Cms Color Engine 2.0
Littlecms Little Cms Color Engine 2.5
Littlecms Little Cms Color Engine 2.2
Littlecms Little Cms Color Engine 2.1
Littlecms Little Cms Color Engine 2.4
Littlecms Little Cms Color Engine 2.3
6.8
CVSSv2
CVE-2018-11555
tificc in Little CMS 2.9 has an out-of-bounds write in the PrecalculatedXFORM function in cmsxform.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a vulnerability because the issue is based on an sample program using LIBTIFF and do not apply ...
Littlecms Little Cms 2.9
6.8
CVSSv2
CVE-2018-11556
tificc in Little CMS 2.9 has an out-of-bounds write in the cmsPipelineCheckAndRetreiveStages function in cmslut.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a vulnerability because the issue is based on an sample program using LIBTIFF and ...
Littlecms Little Cms 2.9
4.3
CVSSv2
CVE-2009-0793
cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transform...
Sun Openjdk 6
Littlecms Lcms 1.18
9.3
CVSSv2
CVE-2009-0723
Multiple integer overflows in LittleCMS (aka lcms or liblcms) prior to 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent malicious users to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of th...
Gimp Gimp
Mozilla Firefox 3.1
Sun Openjdk
Littlecms Little Cms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »