CVE-2009-0793
- EPSS 10.61%
- Published 09.04.2009 15:08:35
- Last modified 09.04.2025 00:30:58
cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect ...
- EPSS 1.84%
- Published 03.12.2008 17:30:00
- Last modified 09.04.2025 00:30:58
Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the in...
- EPSS 0.95%
- Published 03.12.2008 17:30:00
- Last modified 09.04.2025 00:30:58
Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted impr...
CVE-2007-2741
- EPSS 14.97%
- Published 17.05.2007 19:30:00
- Last modified 09.04.2025 00:30:58
Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file.