[liblcms1] [CVE-2007-2741] DoS vulnerability and possible execution of arbitrary code
Bug #174613 reported by
disabled.user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lcms (Ubuntu) |
Fix Released
|
Undecided
|
Kees Cook | ||
Dapper |
Fix Released
|
Medium
|
Kees Cook |
Bug Description
Binary package hint: liblcms1
References:
[1] MDKSA-2007:238 (http://
[2] CVE-2007-2741 (http://
Quoting [1]:
"Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file."
Quoting [2]:
"Stack-based buffer overflow in Little CMS (lmcs) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file."
CVE References
Changed in lcms: | |
status: | New → Confirmed |
status: | Confirmed → New |
To post a comment you must log in.
Dapper only.