cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sun openjdk 6 |
||
littlecms lcms 1.18 |