Search for packages
| purl | pkg:deb/ubuntu/lcms2@2.2%2Bgit20110628-2ubuntu2 |
| Next non-vulnerable version | 2.9-1ubuntu0.1 |
| Latest non-vulnerable version | 2.9-1ubuntu0.1 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-7g8v-91fw-aaan
Aliases: CVE-2016-10165 |
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
|
VCID-gmqf-z9b3-aaam
Aliases: CVE-2013-7455 |
Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler. |
Affected by 3 other vulnerabilities. |
|
VCID-tst4-dhas-aaap
Aliases: CVE-2018-16435 |
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-u5gu-wg1b-aaap
Aliases: CVE-2014-0459 |
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unknown vectors related to 2D. |
Affected by 2 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|