Vulnerabilities > Littlecms > Lcms > 1.14
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-12-03 | CVE-2008-5317 | Numeric Errors vulnerability in Littlecms Lcms and Little CMS Color Engine Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient memory. | 10.0 |
2008-12-03 | CVE-2008-5316 | Buffer Errors vulnerability in Littlecms Lcms and Little CMS Color Engine Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a different vulnerability than CVE-2007-2741. | 10.0 |