Back to search
CVE-2018-16435
Published: Sep 4, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
USN-3770-2
vendor-advisory
x_refsource_UBUNTU
USN-3770-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2018:3004
vendor-advisory
x_refsource_REDHAT
[debian-lts-announce] 20180906 [SECURITY] [DLA 1496-1] lcms2 security update
mailing-list
x_refsource_MLIST
https://github.com/mm2/Little-CMS/issues/171
x_refsource_MISC
DSA-4284
vendor-advisory
x_refsource_DEBIAN
GLSA-202105-18
vendor-advisory
x_refsource_GENTOO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now