Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x prior to 2.6 allows remote malicious users to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
littlecms little cms color engine 2.0 |
||
littlecms little cms color engine 2.5 |
||
littlecms little cms color engine 2.2 |
||
littlecms little cms color engine 2.1 |
||
littlecms little cms color engine 2.4 |
||
littlecms little cms color engine 2.3 |