LittleCMS Little cms color engine aka lcms 1.18

CPE Details

LittleCMS Little cms color engine aka lcms 1.18
littlecms
little_cms_color_engine
1.18
2013-09-30
15h51 +00:00
2013-10-02
16h25 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:littlecms:little_cms_color_engine:1.18:*:*:*:*:*:*:*

Informations

Vendor

littlecms

Product

little_cms_color_engine

Version

1.18

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-10165 2017-02-03 18h00 +00:00 The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
7.1
High
CVE-2013-4160 2014-01-21 17h00 +00:00 Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed.
5
CVE-2013-4276 2013-09-28 17h00 +00:00 Multiple stack-based buffer overflows in LittleCMS (aka lcms or liblcms) 1.19 and earlier allow remote attackers to cause a denial of service (crash) via a crafted (1) ICC color profile to the icctrans utility or (2) TIFF image to the tiffdiff utility.
4.3