Vulnerabilities > Littlecms > Lcms > 1.10
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-12-03 | CVE-2008-5317 | Numeric Errors vulnerability in Littlecms Lcms and Little CMS Color Engine Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient memory. | 10.0 |
2008-12-03 | CVE-2008-5316 | Buffer Errors vulnerability in Littlecms Lcms and Little CMS Color Engine Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a different vulnerability than CVE-2007-2741. | 10.0 |
2007-05-17 | CVE-2007-2741 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Littlecms Lcms Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file. | 9.3 |