[<prev] [next>] [<thread-prev] [month] [year] [list]
Date: Wed, 3 Dec 2008 11:52:59 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: OSS Security <oss-security@...ts.openwall.com>
cc: coley@...re.org
Subject: Re: CVE request: lcms (old issues)
======================================================
Name: CVE-2008-5316
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5316
Reference: MLIST:[oss-security] 20081128 CVE request: lcms (old issues)
Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/28/3
Reference: CONFIRM:http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsio1.c?r1=1.33&r2=1.34
Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in
Little cms color engine (aka lcms) before 1.16 allows attackers to
have an unknown impact via vectors related to a length parameter
inconsistency involving the contents of "the input file," a different
vulnerability than CVE-2007-2741.
======================================================
Name: CVE-2008-5317
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5317
Reference: MLIST:[oss-security] 20081128 CVE request: lcms (old issues)
Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/28/3
Reference: CONFIRM:http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsgamma.c?view=diff&r1=1.16&r2=1.17
Integer signedness error in the cmsAllocGamma function in
src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17
allows attackers to have an unknown impact via a file containing a
certain "number of entries" value, which is interpreted improperly,
leading to an allocation of insufficient memory.
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux