First published: Tue Aug 16 2016(Updated: )
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Littlecms Little Cms Color Engine | ||
Debian Debian Linux | =8.0 | |
openSUSE Leap | =42.1 | |
Littlecms Little Cms Color Engine | <2.11 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Redhat Satellite | =5.8 | |
Redhat Enterprise Linux Desktop | =5.0 | |
Redhat Enterprise Linux Desktop | =6.0 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Server | =5.0 | |
Redhat Enterprise Linux Server | =6.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Server Aus | =7.3 | |
Redhat Enterprise Linux Server Aus | =7.4 | |
Redhat Enterprise Linux Server Aus | =7.6 | |
Redhat Enterprise Linux Server Aus | =7.7 | |
Redhat Enterprise Linux Server Eus | =7.3 | |
Redhat Enterprise Linux Server Eus | =7.4 | |
Redhat Enterprise Linux Server Eus | =7.5 | |
Redhat Enterprise Linux Server Eus | =7.6 | |
Redhat Enterprise Linux Server Eus | =7.7 | |
Redhat Enterprise Linux Server Tus | =7.3 | |
Redhat Enterprise Linux Server Tus | =7.6 | |
Redhat Enterprise Linux Server Tus | =7.7 | |
Redhat Enterprise Linux Workstation | =5.0 | |
Redhat Enterprise Linux Workstation | =6.0 | |
Redhat Enterprise Linux Workstation | =7.0 | |
Netapp Active Iq Unified Manager Windows | >=7.3 | |
Netapp Active Iq Unified Manager Vmware Vsphere | >=9.5 | |
Netapp E-series Santricity Management Vmware Sra | ||
Netapp E-series Santricity Management Vmware Vasa | ||
Netapp E-series Santricity Management Vmware Vcenter | ||
NetApp E-Series SANtricity OS Controller | =11.0 | |
NetApp E-Series SANtricity OS Controller | =11.0.0 | |
NetApp E-Series SANtricity OS Controller | =11.20 | |
NetApp E-Series SANtricity OS Controller | =11.25 | |
NetApp E-Series SANtricity OS Controller | =11.30 | |
NetApp E-Series SANtricity OS Controller | =11.30.5r3 | |
NetApp E-Series SANtricity OS Controller | =11.40 | |
NetApp E-Series SANtricity OS Controller | =11.40.3r2 | |
NetApp E-Series SANtricity OS Controller | =11.40.5 | |
NetApp E-Series SANtricity OS Controller | =11.50.1 | |
NetApp E-Series SANtricity OS Controller | =11.50.2 | |
NetApp E-Series SANtricity OS Controller | =11.50.2-p1 | |
NetApp E-Series SANtricity OS Controller | =11.60 | |
NetApp E-Series SANtricity OS Controller | =11.60.0 | |
NetApp E-Series SANtricity OS Controller | =11.60.1 | |
NetApp E-Series SANtricity OS Controller | =11.60.3 | |
NetApp E-Series SANtricity OS Controller | =11.70.1 | |
NetApp E-Series SANtricity OS Controller | =11.70.2 | |
NetApp OnCommand Balance | ||
NetApp OnCommand Insight | ||
Netapp Oncommand Performance Manager Vmware Vsphere | ||
Netapp Oncommand Shift | ||
Netapp Oncommand Unified Manager 7-mode | ||
Netapp Oncommand Unified Manager Vmware Vsphere | =7.1 | |
ubuntu/lcms2 | <2.8-4 | 2.8-4 |
ubuntu/lcms2 | <2.5-0ubuntu4.2 | 2.5-0ubuntu4.2 |
ubuntu/lcms2 | <2.8-4 | 2.8-4 |
ubuntu/lcms2 | <2.6-3ubuntu2.1 | 2.6-3ubuntu2.1 |
ubuntu/openjdk-7 | <7 | 7 |
ubuntu/openjdk-7 | <7 | 7 |
debian/lcms2 | 2.12~rc1-2 2.14-2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.