Vulnerabilities

CVE-2008-5317

by Fred · 03/12/2008

Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient memory.

Date published : 2008-12-03

http://www.securityfocus.com/bid/32708

http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsgamma.c?view=diff&r1=1.16&r2=1.17

Similar

Tags: Cybersecurity Alert