cnvd - cnvd-2018-16279

cnvd-2018-16279

Vulnerability from cnvd

Title: Little CMS越界写入漏洞

Description:

Little CMS是一个小型色彩管理引擎。

Little CMS 2.9中的tificc中的liblcms2.a中的cmslut.c中的cmsPipelineCheckAndRetreiveStages函数存在越界写入漏洞。攻击者可通过特制TIFF文件利用该漏洞导致越界写入。

Severity: 中

Formal description:

厂商尚未提供漏洞修复方案，请关注厂商主页更新： http://www.littlecms.com/

Reference: https://nvd.nist.gov/vuln/detail/CVE-2018-11556

Impacted products

Name
Little cms Little cms 2.9

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-11556"
    }
  },
  "description": "Little CMS\u662f\u4e00\u4e2a\u5c0f\u578b\u8272\u5f69\u7ba1\u7406\u5f15\u64ce\u3002\r\n\r\nLittle CMS 2.9\u4e2d\u7684tificc\u4e2d\u7684liblcms2.a\u4e2d\u7684cmslut.c\u4e2d\u7684cmsPipelineCheckAndRetreiveStages\u51fd\u6570\u5b58\u5728\u8d8a\u754c\u5199\u5165\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7279\u5236TIFF\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u8d8a\u754c\u5199\u5165\u3002",
  "discovererName": "xiaoqx",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttp://www.littlecms.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-16279",
  "openTime": "2018-08-27",
  "products": {
    "product": "Little cms Little cms 2.9"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-11556",
  "serverity": "\u4e2d",
  "submitTime": "2018-05-30",
  "title": "Little CMS\u8d8a\u754c\u5199\u5165\u6f0f\u6d1e"
}

CVE-2018-11556 (GCVE-0-2018-11556)

Vulnerability from cvelistv5

Published

2018-05-30 04:00

Modified

2024-08-05 08:10

Severity ?

CWE

Summary

tificc in Little CMS 2.9 has an out-of-bounds write in the cmsPipelineCheckAndRetreiveStages function in cmslut.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a vulnerability because the issue is based on an sample program using LIBTIFF and do not apply to the lcms2 library, lcms2 does not depends on LIBTIFF other than to build sample programs, and the issue cannot be reproduced on the lcms2 library.”

References

▼	URL	Tags
	https://github.com/mm2/Little-CMS/issues/167	x_refsource_MISC
	https://github.com/xiaoqx/pocs/tree/master/cms	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:10:14.855Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/mm2/Little-CMS/issues/167"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/xiaoqx/pocs/tree/master/cms"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-05-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "tificc in Little CMS 2.9 has an out-of-bounds write in the cmsPipelineCheckAndRetreiveStages function in cmslut.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a vulnerability because the issue is based on an sample program using LIBTIFF and do not apply to the lcms2 library, lcms2 does not depends on LIBTIFF other than to build sample programs, and the issue cannot be reproduced on the lcms2 library.\u201d"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-18T20:36:50",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/mm2/Little-CMS/issues/167"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/xiaoqx/pocs/tree/master/cms"
        }
      ],
      "tags": [
        "disputed"
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-11556",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "** DISPUTED ** tificc in Little CMS 2.9 has an out-of-bounds write in the cmsPipelineCheckAndRetreiveStages function in cmslut.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a vulnerability because the issue is based on an sample program using LIBTIFF and do not apply to the lcms2 library, lcms2 does not depends on LIBTIFF other than to build sample programs, and the issue cannot be reproduced on the lcms2 library.\u201d."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/mm2/Little-CMS/issues/167",
              "refsource": "MISC",
              "url": "https://github.com/mm2/Little-CMS/issues/167"
            },
            {
              "name": "https://github.com/xiaoqx/pocs/tree/master/cms",
              "refsource": "MISC",
              "url": "https://github.com/xiaoqx/pocs/tree/master/cms"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-11556",
    "datePublished": "2018-05-30T04:00:00",
    "dateReserved": "2018-05-29T00:00:00",
    "dateUpdated": "2024-08-05T08:10:14.855Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted