Описание
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.13-1ubuntu0.2 |
| devel | released | 1.17.dfsg-1ubuntu2 |
| gutsy | released | 1.16-5ubuntu3.2 |
| hardy | released | 1.16-7ubuntu1.2 |
| intrepid | released | 1.16-10ubuntu0.2 |
| upstream | released | 1.18beta2 |
Показывать по
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1 ...
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
EPSS
9.3 Critical
CVSS2