| Revision Date: | 2013-04-29 | Version: | 12 | | Title: | Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions. | | Description: | Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2009-0733
| | Platform(s): | CentOS Linux 5
Oracle Linux 5
Red Hat Enterprise Linux 5
| Product(s): | | | Definition Synopsis | | RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5
OR The operating system installed on the system is CentOS Linux 5.x
OR Oracle Linux 5.x
AND Configuration section
python-lcms is earlier than 0:1.18-0.1.beta1.el5_3.2
OR lcms-devel is earlier than 0:1.18-0.1.beta1.el5_3.2
OR java-1.6.0-openjdk-src is earlier than 1:1.6.0.0-0.30.b09.el5
OR java-1.6.0-openjdk-javadoc is earlier than 1:1.6.0.0-0.30.b09.el5
OR lcms is earlier than 0:1.18-0.1.beta1.el5_3.2
OR java-1.6.0-openjdk-demo is earlier than 1:1.6.0.0-0.30.b09.el5
OR java-1.6.0-openjdk-devel is earlier than 1:1.6.0.0-0.30.b09.el5
OR java-1.6.0-openjdk is earlier than 1:1.6.0.0-0.30.b09.el5
|
|