Lucene search

MitreCVE-2008-5316

HistoryDec 03, 2008 - 5:30 p.m.

CVE-2008-5316

2008-12-0317:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2008-5316

buffer overflow

little cms color engine

lcms

nvd

cve

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.044

Percentile

92.4%

JSON

Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of “the input file,” a different vulnerability than CVE-2007-2741.

Affected configurations

Nvd

Node

littlecmslcmsRange≤1.15

littlecmslcmsMatch1.07

littlecmslcmsMatch1.08

littlecmslcmsMatch1.09

littlecmslcmsMatch1.10

littlecmslcmsMatch1.11

littlecmslcmsMatch1.12

littlecmslcmsMatch1.13

littlecmslcmsMatch1.14

littlecmslittle_cms_color_engineRange≤1.15

littlecmslittle_cms_color_engineMatch1.07

littlecmslittle_cms_color_engineMatch1.08

littlecmslittle_cms_color_engineMatch1.09

littlecmslittle_cms_color_engineMatch1.10

littlecmslittle_cms_color_engineMatch1.11

littlecmslittle_cms_color_engineMatch1.12

littlecmslittle_cms_color_engineMatch1.13

littlecmslittle_cms_color_engineMatch1.14

VendorProductVersionCPE
littlecmslcms*cpe:2.3:a:littlecms:lcms:*:*:*:*:*:*:*:*
littlecmslcms1.07cpe:2.3:a:littlecms:lcms:1.07:*:*:*:*:*:*:*
littlecmslcms1.08cpe:2.3:a:littlecms:lcms:1.08:*:*:*:*:*:*:*
littlecmslcms1.09cpe:2.3:a:littlecms:lcms:1.09:*:*:*:*:*:*:*
littlecmslcms1.10cpe:2.3:a:littlecms:lcms:1.10:*:*:*:*:*:*:*
littlecmslcms1.11cpe:2.3:a:littlecms:lcms:1.11:*:*:*:*:*:*:*
littlecmslcms1.12cpe:2.3:a:littlecms:lcms:1.12:*:*:*:*:*:*:*
littlecmslcms1.13cpe:2.3:a:littlecms:lcms:1.13:*:*:*:*:*:*:*
littlecmslcms1.14cpe:2.3:a:littlecms:lcms:1.14:*:*:*:*:*:*:*
littlecmslittle_cms_color_engine*cpe:2.3:a:littlecms:little_cms_color_engine:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
littlecms	lcms	*	cpe:2.3:a:littlecms:lcms::::::::
littlecms	lcms	1.07	cpe:2.3:a:littlecms:lcms:1.07:::::::*
littlecms	lcms	1.08	cpe:2.3:a:littlecms:lcms:1.08:::::::*
littlecms	lcms	1.09	cpe:2.3:a:littlecms:lcms:1.09:::::::*
littlecms	lcms	1.10	cpe:2.3:a:littlecms:lcms:1.10:::::::*
littlecms	lcms	1.11	cpe:2.3:a:littlecms:lcms:1.11:::::::*
littlecms	lcms	1.12	cpe:2.3:a:littlecms:lcms:1.12:::::::*
littlecms	lcms	1.13	cpe:2.3:a:littlecms:lcms:1.13:::::::*
littlecms	lcms	1.14	cpe:2.3:a:littlecms:lcms:1.14:::::::*
littlecms	little_cms_color_engine	*	cpe:2.3:a:littlecms:little_cms_color_engine::::::::