Stack-based Buffer Overflow in Little CMS Affects Multiple Versions
CVE-2007-2741

Currently unrated

Key Information:

Vendor

Littlecms

Status
Lcms
Vendor
CVE Published:
17 May 2007

What is CVE-2007-2741?

A stack-based buffer overflow has been identified in Little CMS (lcms) versions prior to 1.15. This vulnerability allows remote attackers to craft a malicious ICC profile embedded in a JPG file, potentially leading to the execution of arbitrary code or causing application crashes. Users are advised to update their versions to ensure against exploitation.

References

http://osvdb.org/36179
vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2007/1837
vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/32282
third-party-advisoryx_refsource_SECUNIA

EPSS Score

15% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.