|
|
CVE Reference: CVE-2008-5317 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-5317 |
|
|
Description: Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient memory. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/47120 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-693-1 SAID Secunia Advisory: SA33066 Secunia Advisory: SA33219 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10685 MLIST http://www.openwall.com/lists/oss-security/2008/11/28/3 DEBIAN http://www.debian.org/security/2008/dsa-1684 CONFIRM http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsgamma.c?view=diff&r1=1.16&r2=1.17 BID 32708 |
|
| Return to the previous page. |
