) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:littlecms:little_cms:1.08:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2009-0733 |
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions. Published: March 23, 2009; 10:19:12 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2009-0723 |
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. Published: March 23, 2009; 10:19:12 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2009-0581 |
Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file. Published: March 23, 2009; 10:19:12 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |