what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2018-16435

Status Candidate

Overview

Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.

Related Files

Gentoo Linux Security Advisory 202105-18
Posted May 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202105-18 - A heap-based buffer overflow in LittleCMS might allow remote attackers to execute arbitrary code. Versions less than 2.10 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2018-16435
SHA-256 | 6d40cbbba2638205040fb32337eafe2c2cbc049a7177b57edad7e833574edcfa
Red Hat Security Advisory 2018-3004-01
Posted Oct 25, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3004-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 70.0.3538.67. Issues addressed include buffer overflow and code execution vulnerabilities.

tags | advisory, web, overflow, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2018-16435, CVE-2018-17462, CVE-2018-17463, CVE-2018-17464, CVE-2018-17465, CVE-2018-17466, CVE-2018-17467, CVE-2018-17468, CVE-2018-17469, CVE-2018-17470, CVE-2018-17471, CVE-2018-17473, CVE-2018-17474, CVE-2018-17475, CVE-2018-17476, CVE-2018-17477, CVE-2018-5179
SHA-256 | a62da74222a6deb430950a3191ab187b2c3fa28cab9bc58b56e098e0ed3bb36c
Ubuntu Security Notice USN-3770-2
Posted Sep 20, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3770-2 - USN-3770-1 fixed a vulnerability in Little CMS. This update provides the corresponding update for Ubuntu 12.04 ESM. Pedro Ribeiro discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2013-4276, CVE-2016-10165, CVE-2018-16435
SHA-256 | b7ae09b3b470437f185a3c58a0d7a633f23be3692d66752b8f69b0951720a0b8
Ubuntu Security Notice USN-3770-1
Posted Sep 20, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3770-1 - Ibrahim El-Sayed discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Quang Nguyen discovered that Little CMS incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-10165, CVE-2018-16435
SHA-256 | ac66e84eef2a9535a990bf633acdc293ebae38990675c4e6ffb4d2804d785b40
Debian Security Advisory 4284-1
Posted Sep 5, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4284-1 - Quang Nguyen discovered an integer overflow in the Little CMS 2 colour management library, which could in denial of service and potentially the execution of arbitrary code if a malformed IT8 calibration file is processed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2018-16435
SHA-256 | c961b12a72c7b60def07bcd5d3fcdca14d9a20ce0b8dd2ae366c8b816c05fd20
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close