CVE-2007-2741
Summary
| CVE | CVE-2007-2741 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2007-05-17 19:30:00 UTC |
|---|
| Updated | 2017-07-29 01:31:00 UTC |
|---|
| Description | Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Support / Security / Advisories / / MDKSA-2007:238 | Mandriva |
MANDRIVA |
www.mandriva.com |
|
| USN-652-1: LittleCMS vulnerability | Ubuntu |
UBUNTU |
www.ubuntu.com |
|
| Ubuntu update for lcms - Secunia Advisories - Vulnerability Intelligence - Secunia.com |
SECUNIA |
secunia.com |
Vendor Advisory |
| Little cms ICC Profile Parsing Buffer Overflow Vulnerability - Advisories - Secunia |
SECUNIA |
secunia.com |
Patch, Vendor Advisory |
| SUSE Update for Multiple Packages - Advisories - Secunia |
SECUNIA |
secunia.com |
Vendor Advisory |
| Little CMS ICC Profile Stack Buffer Overflow Vulnerability |
BID |
www.securityfocus.com |
Exploit, Patch |
| IBM X-Force Exchange |
XF |
exchange.xforce.ibmcloud.com |
|
| 36179 |
OSVDB |
osvdb.org |
|
| Security Announcement |
SUSE |
www.novell.com |
|
| CESA-2007-001 - rev 1 |
MISC |
scary.beasts.org |
Exploit |
| Webmail - OVH |
VUPEN |
www.vupen.com |
Vendor Advisory |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
Vendor Comments And Credit
| Organization | Published | Contributor | Statement |
|---|
| Red Hat | 2008-12-03 | Tomas Hoger | Not vulnerable. This issue did not affect the versions of lcms as shipped with Red Hat Enterprise Linux 5. |
There are currently no legacy QID mappings associated with this CVE.
