|Max CVSS||5.8||Min CVSS||4.3||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile
|05-11-2018 - 20:46||04-09-2018 - 00:29|
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
|30-10-2018 - 16:27||03-02-2017 - 19:59|