Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-0733

Опубликовано: 23 мар. 2009
Источник: nvd
CVSS2: 9.3
EPSS Низкий

Описание

Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*
Версия до 2.9.2 (исключая)
cpe:2.3:a:mozilla:firefox:3.1:beta1:*:*:*:*:*:*
cpe:2.3:a:sun:openjdk:*:*:*:*:*:*:*:*
Версия до 7 (включая)
Конфигурация 2
cpe:2.3:a:littlecms:little_cms:*:*:*:*:*:*:*:*
Версия до 1.17 (включая)

EPSS

Процентиль: 80%
0.01492
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2009-0733

ubuntu
около 16 лет назад

Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.

redhat логотип

CVE-2009-0733

redhat
больше 16 лет назад

Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.

debian логотип

CVE-2009-0733

debian
около 16 лет назад

Multiple stack-based buffer overflows in the ReadSetOfCurves function ...

github логотип

GHSA-mm82-c2wc-w6j7

github
около 3 лет назад

Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.

oracle-oval логотип

ELSA-2009-0339

oracle-oval
больше 16 лет назад

ELSA-2009-0339: lcms security update (MODERATE)

EPSS

Процентиль: 80%
0.01492
Низкий

9.3 Critical

CVSS2

Дефекты

CWE-787