Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2009-0793

Published: 09/04/2009 Updated: 13/02/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Openjdk

Vulnerability Summary

cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."

Vulnerable Product Search on Vulmon Subscribe to Product

sun openjdk 6

littlecms lcms 1.18

Vendor Advisories

Red Hat: Important: java-1.6.0-openjdk security update
Synopsis Important: java-160-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-160-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 5This update has been rated as having important security impact by the RedHat Security R ...
Ubuntu Security Notice: lcms vulnerability
It was discovered that a NULL pointer dereference in the code for handling transformations of monochrome profiles could allow an attacker to cause a denial of service through a specially crafted image (CVE-2009-0793) ...

References

CWE-20http://secunia.com/advisories/34634https://rhn.redhat.com/errata/RHSA-2009-0377.htmlhttp://www.vupen.com/english/advisories/2009/0964http://www.securityfocus.com/bid/34411http://www.vupen.com/english/advisories/2009/0963https://bugzilla.redhat.com/show_bug.cgi?id=492353http://www.securityfocus.com/bid/34420http://secunia.com/advisories/34635http://secunia.com/advisories/34623https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00204.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-April/msg00203.htmlhttp://www.debian.org/security/2009/dsa-1769http://secunia.com/advisories/34675http://secunia.com/advisories/34632http://secunia.com/advisories/34782http://security.gentoo.org/glsa/glsa-200904-19.xmlhttps://www.redhat.com/archives/fedora-package-announce/2009-May/msg00285.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-May/msg00233.htmlhttp://secunia.com/advisories/35048http://www.mandriva.com/security/advisories?name=MDVSA-2009:121http://www.mandriva.com/security/advisories?name=MDVSA-2009:137http://www.mandriva.com/security/advisories?name=MDVSA-2009:162http://www.ubuntu.com/usn/USN-1043-1http://secunia.com/advisories/42870http://www.vupen.com/english/advisories/2011/0087https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11340https://access.redhat.com/errata/RHSA-2009:0377https://usn.ubuntu.com/1043-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook