Buffer Overflow in Little Cms Color Engine by LittleCMS
CVE-2008-5316

Currently unrated

Key Information:

Vendor: Littlecms
Status: Lcms; Little Cms Color Engine
Vendor: CVE Published:; 3 December 2008

What is CVE-2008-5316?

A vulnerability exists within the ReadEmbeddedTextTag function in the LittleCMS color engine prior to version 1.16. This buffer overflow can be exploited through improper handling of the length parameter related to the input file contents. Attackers may leverage this issue to execute arbitrary code or cause application crashes, posing risks to systems utilizing this software. Users are advised to update to the latest version to mitigate potential exploits.

References

http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsi...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/32708

vdb-entryx_refsource_BID

http://secunia.com/advisories/33066

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 3, 2008
Vulnerability Reserved
Dec 3, 2008

CVE-2008-5316 Data

JSON

Littlecms

What is CVE-2008-5316?

References

Timeline