Vulnerability CVE-2008-5316

Vulnerability Name:

CVE-2008-5316 (CCN-47119)

Assigned:

2007-11-22

Published:

2007-11-22

Updated:

2017-09-29

Summary:

Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a different vulnerability than CVE-2007-2741.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-119
CWE-20

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2008-5316

Source: CONFIRM
Type: Exploit, Patch
http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsio1.c?r1=1.33&r2=1.34

Source: CCN
Type: RHSA-2009-0011
Moderate: lcms security update

Source: SECUNIA
Type: UNKNOWN
33066

Source: DEBIAN
Type: UNKNOWN
DSA-1684

Source: DEBIAN
Type: DSA-1684
lcms -- multiple vulnerabilities

Source: CCN
Type: Little CMS Web site
Little CMS

Source: CCN
Type: oss-security Mailing List, Fri, 28 Nov 2008 17:12:40 +0100
CVE request: lcms (old issues)

Source: MLIST
Type: Exploit
[oss-security] 20081128 CVE request: lcms (old issues)

Source: REDHAT
Type: UNKNOWN
RHSA-2009:0011

Source: BID
Type: UNKNOWN
32708

Source: CCN
Type: BID-32708
Little CMS Buffer Overflow and Integer Signedness Vulnerabilities

Source: CCN
Type: USN-652-1
LittleCMS vulnerability

Source: XF
Type: UNKNOWN
lcms-readembeddedtexttag-bo(47119)

Source: XF
Type: UNKNOWN
lcms-readembeddedtexttag-bo(47119)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10531

Vulnerable Configuration:

Configuration 1:

cpe:/a:littlecms:lcms:1.07:*:*:*:*:*:*:*

OR cpe:/a:littlecms:lcms:1.08:*:*:*:*:*:*:*

OR cpe:/a:littlecms:lcms:1.09:*:*:*:*:*:*:*

OR cpe:/a:littlecms:lcms:1.10:*:*:*:*:*:*:*

OR cpe:/a:littlecms:lcms:1.11:*:*:*:*:*:*:*

OR cpe:/a:littlecms:lcms:1.12:*:*:*:*:*:*:*

OR cpe:/a:littlecms:lcms:1.13:*:*:*:*:*:*:*

OR cpe:/a:littlecms:lcms:1.14:*:*:*:*:*:*:*

OR cpe:/a:littlecms:lcms:*:*:*:*:*:*:*:* (Version <= 1.15)

OR cpe:/a:littlecms:little_cms_color_engine:1.07:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.08:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.09:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.10:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.11:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.12:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.13:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.14:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:*:*:*:*:*:*:*:* (Version <= 1.15)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:littlecms:little_cms_color_engine:1.14:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.13:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.12:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.11:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.10:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.09:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.08:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.07:*:*:*:*:*:*:*

OR cpe:/a:littlecms:little_cms_color_engine:1.15:*:*:*:*:*:*:*

AND

cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:29300	P	RHSA-2009:0011 -- lcms security update (Moderate)	2015-08-17
oval:org.mitre.oval:def:17627	P	USN-652-1 -- lcms vulnerability	2014-06-30
oval:org.mitre.oval:def:18632	P	DSA-1684-1 lcms - multiple vulnerabilities	2014-06-23
oval:org.mitre.oval:def:7206	P	DSA-1684 lcms -- multiple vulnerabilities	2014-06-23
oval:org.mitre.oval:def:21820	P	ELSA-2009:0011: lcms security update (Moderate)	2014-05-26
oval:org.mitre.oval:def:10531	V	Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a different vulnerability than CVE-2007-2741.	2013-04-29
oval:com.redhat.rhsa:def:20090011	P	RHSA-2009:0011: lcms security update (Moderate)	2009-01-07
oval:org.debian:def:1684	V	multiple vulnerabilities	2008-12-10

BACK