First published: Mon Aug 05 2013(Updated: )
Multiple stack-based buffer overflows in LittleCMS (aka lcms or liblcms) 1.19 and earlier allow remote attackers to cause a denial of service (crash) via a crafted (1) ICC color profile to the icctrans utility or (2) TIFF image to the tiffdiff utility.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Littlecms Little Cms Color Engine | <=1.19 | |
Littlecms Little Cms Color Engine | =1.07 | |
Littlecms Little Cms Color Engine | =1.08 | |
Littlecms Little Cms Color Engine | =1.09 | |
Littlecms Little Cms Color Engine | =1.10 | |
Littlecms Little Cms Color Engine | =1.11 | |
Littlecms Little Cms Color Engine | =1.12 | |
Littlecms Little Cms Color Engine | =1.13 | |
Littlecms Little Cms Color Engine | =1.14 | |
Littlecms Little Cms Color Engine | =1.15 | |
Littlecms Little Cms Color Engine | =1.16 | |
Littlecms Little Cms Color Engine | =1.17 | |
Littlecms Little Cms Color Engine | =1.18 | |
debian/lcms2 | 2.12~rc1-2 2.14-2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.