Описание
Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 9.07~dfsg2-0ubuntu4 |
| lucid | not-affected | code not present |
| precise | not-affected | code not present |
| quantal | not-affected | code not present |
| raring | released | 9.07~dfsg2-0ubuntu3.1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code-not-present |
| lucid | not-affected | code-not-present |
| precise | not-affected | code-not-present |
| quantal | not-affected | code-not-present |
| raring | not-affected | code-not-present |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.5-0ubuntu1 |
| lucid | DNE | |
| precise | released | 2.2+git20110628-2ubuntu3.1 |
| quantal | released | 2.2+git20110628-2ubuntu4.1 |
| raring | released | 2.4-0ubuntu3.1 |
| upstream | released | 2.5 |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed.
Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed.
Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other ...
Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed.
EPSS
5 Medium
CVSS2