First published: Wed Dec 03 2008(Updated: )
Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient memory.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Littlecms Little Cms Color Engine | =1.15 | |
Littlecms Lcms | <=1.16 | |
Littlecms Lcms | =1.08 | |
Littlecms Little Cms Color Engine | =1.12 | |
Littlecms Lcms | =1.14 | |
Littlecms Little Cms Color Engine | =1.13 | |
Littlecms Lcms | =1.15 | |
Littlecms Little Cms Color Engine | =1.11 | |
Littlecms Little Cms Color Engine | =1.08 | |
Littlecms Lcms | =1.07 | |
Littlecms Little Cms Color Engine | =1.10 | |
Littlecms Lcms | =1.13 | |
Littlecms Little Cms Color Engine | =1.09 | |
Littlecms Lcms | =1.12 | |
Littlecms Lcms | =1.11 | |
Littlecms Little Cms Color Engine | <=1.16 | |
Littlecms Little Cms Color Engine | =1.07 | |
Littlecms Lcms | =1.10 | |
Littlecms Lcms | =1.09 | |
Littlecms Little Cms Color Engine | =1.14 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.