[Forgot Password]
Login  Register Subscribe

24547

 
 

132176

 
 

122448

 
 

909

 
 

100914

 
 

148

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2018-16435Date: (C)2018-09-10   (M)2019-04-04


Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.

Reference:
DSA-4284
RHSA-2018:3004
USN-3770-1
USN-3770-2
https://lists.debian.org/debian-lts-announce/2018/09/msg00005.html
https://github.com/mm2/Little-CMS/commit/768f70ca405cd3159d990e962d54456773bb8cf8
https://github.com/mm2/Little-CMS/issues/171

OVAL    5
oval:org.secpod.oval:def:704322
oval:org.secpod.oval:def:115174
oval:org.secpod.oval:def:51129
oval:org.secpod.oval:def:115148
...

© SecPod Technologies