Описание
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | lcms | Not affected | ||
| Red Hat Enterprise Linux 6 | lcms | Not affected | ||
| Red Hat Enterprise Linux 7 | lcms2 | Will not fix | ||
| Red Hat OpenShift Enterprise 2 | lcms | Not affected | ||
| Oracle Java for Red Hat Enterprise Linux 6 | java-1.8.0-oracle | Fixed | RHSA-2017:2999 | 23.10.2017 |
| Oracle Java for Red Hat Enterprise Linux 6 | java-1.7.0-oracle | Fixed | RHSA-2017:3046 | 24.10.2017 |
| Oracle Java for Red Hat Enterprise Linux 7 | java-1.8.0-oracle | Fixed | RHSA-2017:2999 | 23.10.2017 |
| Oracle Java for Red Hat Enterprise Linux 7 | java-1.7.0-oracle | Fixed | RHSA-2017:3046 | 24.10.2017 |
| Red Hat Enterprise Linux 5 | java-1.7.0-openjdk | Fixed | RHSA-2016:2658 | 07.11.2016 |
| Red Hat Enterprise Linux 6 | java-1.8.0-openjdk | Fixed | RHSA-2016:2079 | 19.10.2016 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.1 High
CVSS3
5.8 Medium
CVSS2
Связанные уязвимости
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) all ...
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
EPSS
7.1 High
CVSS3
5.8 Medium
CVSS2