CVE-2009-0723

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Gimp; Openjdk
Vendor: CVE Published:; 23 March 2009

Summary

Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.

References

https://www.redhat.com/archives/fedora-package-announce/2...

vendor-advisoryx_refsource_FEDORA

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://secunia.com/advisories/34632

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Mar 23, 2009
Vulnerability Reserved
Feb 24, 2009