9.3
CVSSv2

CVE-2012-1616

Published: 21/06/2012 Updated: 29/08/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Use-after-free vulnerability in icclib prior to 2.13, as used by Argyll CMS prior to 1.4 and possibly other programs, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted ICC profile file.

Affected Products

Vendor Product Versions
ArgyllcmsArgyllcms0.1.0, 0.2.0, 0.2.1, 0.2.2, 0.3.0, 0.6.0, 0.7.0, 1.0.0, 1.0.2, 1.0.3, 1.0.4, 1.1.0, 1.1.1, 1.2.0, 1.3.0, 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.3.6, 1.3.7
ColorIcclib1.23, 2.00, 2.02, 2.03, 2.11