[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

116471

 
 

909

 
 

91176

 
 

140

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2018-16435Date: (C)2018-09-10   (M)2018-12-04


Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.

Reference:
DSA-4284
RHSA-2018:3004
USN-3770-1
USN-3770-2
https://lists.debian.org/debian-lts-announce/2018/09/msg00005.html
https://github.com/mm2/Little-CMS/commit/768f70ca405cd3159d990e962d54456773bb8cf8
https://github.com/mm2/Little-CMS/issues/171

OVAL    6
oval:org.secpod.oval:def:704322
oval:org.secpod.oval:def:603503
oval:org.secpod.oval:def:115174
oval:org.secpod.oval:def:115148
...

© SecPod Technologies