Описание
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 69.0.3497.81-0ubuntu0.18.04.1 |
| cosmic | released | 69.0.3497.81-0ubuntu1 |
| devel | released | 69.0.3497.81-0ubuntu1 |
| disco | released | 69.0.3497.81-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [no longer updated]] |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was ignored [no longer updated] |
| upstream | released | 69.0.3497.81-1 |
| xenial | released | 69.0.3497.81-0ubuntu0.16.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needs-triage] |
| precise/esm | not-affected | 1.19.dfsg-1ubuntu3.1 |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was needs-triage |
| upstream | needs-triage | |
| xenial | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.9-1ubuntu0.1 |
| cosmic | released | 2.9-3 |
| devel | released | 2.9-3 |
| disco | released | 2.9-3 |
| esm-infra-legacy/trusty | released | 2.5-0ubuntu4.2 |
| esm-infra/bionic | released | 2.9-1ubuntu0.1 |
| esm-infra/xenial | released | 2.6-3ubuntu2.1 |
| precise/esm | not-affected | 2.2+git20110628-2ubuntu3.3 |
| trusty | released | 2.5-0ubuntu4.2 |
| trusty/esm | released | 2.5-0ubuntu4.2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was ignored [Ubuntu touch end-of-life]] |
| esm-infra/xenial | ignored | Ubuntu touch end-of-life |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | trusty was ignored [Ubuntu touch end-of-life] |
| upstream | needs-triage |
Показывать по
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.
Little CMS (aka Little Color Management System) 2.9 has an integer ove ...
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3