ID CVE-2008-5317
Summary Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient memory.
References
Vulnerable Configurations
  • cpe:2.3:a:littlecms:lcms:1.07:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:lcms:1.07:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:lcms:1.08:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:lcms:1.08:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:lcms:1.09:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:lcms:1.09:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:lcms:1.10:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:lcms:1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:lcms:1.11:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:lcms:1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:lcms:1.12:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:lcms:1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:lcms:1.13:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:lcms:1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:lcms:1.14:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:lcms:1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:lcms:1.15:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:lcms:1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:lcms:*:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:lcms:*:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:little_cms_color_engine:1.07:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:little_cms_color_engine:1.07:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:little_cms_color_engine:1.08:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:little_cms_color_engine:1.08:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:little_cms_color_engine:1.09:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:little_cms_color_engine:1.09:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:little_cms_color_engine:1.10:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:little_cms_color_engine:1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:little_cms_color_engine:1.11:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:little_cms_color_engine:1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:little_cms_color_engine:1.12:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:little_cms_color_engine:1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:little_cms_color_engine:1.13:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:little_cms_color_engine:1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:little_cms_color_engine:1.14:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:little_cms_color_engine:1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:little_cms_color_engine:1.15:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:little_cms_color_engine:1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:littlecms:little_cms_color_engine:*:*:*:*:*:*:*:*
    cpe:2.3:a:littlecms:little_cms_color_engine:*:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 03-10-2018 - 21:56)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
accepted 2013-04-29T04:07:44.180-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient memory.
family unix
id oval:org.mitre.oval:def:10685
status accepted
submitted 2010-07-09T03:56:16-04:00
title Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient memory.
version 18
redhat via4
advisories
bugzilla
id 473463
title signed integer cast issue in cmsAllocGamma
oval
AND
  • comment Red Hat Enterprise Linux 5 is installed
    oval oval:com.redhat.rhba:tst:20070331001
  • OR
    • AND
      • comment lcms is earlier than 0:1.15-1.2.2.el5_2.2
        oval oval:com.redhat.rhsa:tst:20090011002
      • comment lcms is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090011003
    • AND
      • comment lcms-devel is earlier than 0:1.15-1.2.2.el5_2.2
        oval oval:com.redhat.rhsa:tst:20090011004
      • comment lcms-devel is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090011005
    • AND
      • comment python-lcms is earlier than 0:1.15-1.2.2.el5_2.2
        oval oval:com.redhat.rhsa:tst:20090011006
      • comment python-lcms is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhsa:tst:20090011007
rhsa
id RHSA-2009:0011
released 2009-01-07
severity Moderate
title RHSA-2009:0011: lcms security update (Moderate)
rpms
  • lcms-0:1.15-1.2.2.el5_2.2
  • lcms-devel-0:1.15-1.2.2.el5_2.2
  • python-lcms-0:1.15-1.2.2.el5_2.2
refmap via4
bid 32708
confirm http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsgamma.c?view=diff&r1=1.16&r2=1.17
debian DSA-1684
mlist [oss-security] 20081128 CVE request: lcms (old issues)
secunia
  • 33066
  • 33219
ubuntu USN-693-1
xf lcms-cmsallocgamma-bo(47120)
Last major update 03-10-2018 - 21:56
Published 03-12-2008 - 17:30
Back to Top