Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2009:0339
HistoryMar 19, 2009 - 12:00 a.m.

(RHSA-2009:0339) Moderate: lcms security update

2009-03-1900:00:00
access.redhat.com
26

0.004 Low

EPSS

Percentile

74.5%

JSON

Little Color Management System (LittleCMS, or simply β€œlcms”) is a
small-footprint, speed-optimized open source color management engine.

Multiple integer overflow flaws which could lead to heap-based buffer
overflows, as well as multiple insufficient input validation flaws, were
found in LittleCMS. An attacker could use these flaws to create a
specially-crafted image file which could cause an application using
LittleCMS to crash, or, possibly, execute arbitrary code when opened by a
victim. (CVE-2009-0723, CVE-2009-0733)

A memory leak flaw was found in LittleCMS. An application using LittleCMS
could use excessive amount of memory, and possibly crash after using all
available memory, if used to open specially-crafted images. (CVE-2009-0581)

Red Hat would like to thank Chris Evans from the Google Security Team for
reporting these issues.

All users of LittleCMS should install these updated packages, which upgrade
LittleCMS to version 1.18. All running applications using the lcms library
must be restarted for the update to take effect.

OSVersionArchitecturePackageVersionFilename
RedHat5s390lcms<Β 1.18-0.1.beta1.el5_3.2lcms-1.18-0.1.beta1.el5_3.2.s390.rpm
RedHat5ia64python-lcms<Β 1.18-0.1.beta1.el5_3.2python-lcms-1.18-0.1.beta1.el5_3.2.ia64.rpm
RedHat5s390lcms-devel<Β 1.18-0.1.beta1.el5_3.2lcms-devel-1.18-0.1.beta1.el5_3.2.s390.rpm
RedHat5x86_64lcms<Β 1.18-0.1.beta1.el5_3.2lcms-1.18-0.1.beta1.el5_3.2.x86_64.rpm
RedHat5i386python-lcms<Β 1.18-0.1.beta1.el5_3.2python-lcms-1.18-0.1.beta1.el5_3.2.i386.rpm
RedHat5ia64lcms-devel<Β 1.18-0.1.beta1.el5_3.2lcms-devel-1.18-0.1.beta1.el5_3.2.ia64.rpm
RedHat5i386lcms<Β 1.18-0.1.beta1.el5_3.2lcms-1.18-0.1.beta1.el5_3.2.i386.rpm
RedHat5s390xlcms-devel<Β 1.18-0.1.beta1.el5_3.2lcms-devel-1.18-0.1.beta1.el5_3.2.s390x.rpm
RedHat5x86_64lcms-devel<Β 1.18-0.1.beta1.el5_3.2lcms-devel-1.18-0.1.beta1.el5_3.2.x86_64.rpm
RedHat5s390xpython-lcms<Β 1.18-0.1.beta1.el5_3.2python-lcms-1.18-0.1.beta1.el5_3.2.s390x.rpm
Rows per page:
1-10 of 201

Related

nessus 28
openvas 57
fedora 9
ubuntu 1
seebug 1
debian 3
oraclelinux 2
slackware 1
osv 2
gentoo 1
securityvulns 3
veracode 3
nvd 3
ubuntucve 3
cvelist 3
prion 3
cve 3
centos 1
redhat 1
nessus
nessus
SuSE 11 Security Update : lcms (SAT Patch Number 635)
2009-09-24 00:00:00
openSUSE Security Update : lcms (lcms-581)
2009-07-21 00:00:00
openSUSE Security Update : java-1_6_0-openjdk (java-1_6_0-openjdk-602)
2009-07-21 00:00:00
openvas
openvas
Fedora Core 10 FEDORA-2009-2982 (java-1.6.0-openjdk)
2009-03-31 00:00:00
Slackware: Security Advisory (SSA:2009-083-01)
2012-09-10 00:00:00
Fedora Core 10 FEDORA-2009-2970 (lcms)
2009-03-31 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: lcms-1.18-0.1.beta2.fc9
2009-03-23 15:54:25
[SECURITY] Fedora 10 Update: lcms-1.18-1.fc10
2009-03-23 15:53:15
[SECURITY] Fedora 10 Update: java-1.6.0-openjdk-1.6.0.0-11.b14.fc10
2009-03-24 05:31:44
ubuntu
ubuntu
LittleCMS vulnerabilities
2009-03-23 00:00:00
seebug
seebug
Little CMSε†…ε­˜ζ³„ιœ²εŠζ•΄ζ•°ζΊ’ε‡ΊζΌζ΄ž
2009-03-23 00:00:00
debian
debian
[SECURITY] [DSA 1745-1] New lcms packages fix arbitrary code execution
2009-03-20 09:16:54
[SECURITY] [DSA 1745-2] New lcms packages fix regression
2009-03-25 11:32:18
[SECURITY] [DSA 1769-1] New openjdk-6 packages fix arbitrary code execution
2009-04-11 14:38:24
oraclelinux
oraclelinux
lcms security update
2009-03-19 00:00:00
java-1.6.0-openjdk security update
2009-04-07 00:00:00
slackware
slackware
lcms
2009-03-24 16:43:23
osv
osv
lcms - arbitrary code execution
2009-03-20 00:00:00
openjdk-6 - arbitrary code execution
2009-04-11 00:00:00
gentoo
gentoo
LittleCMS: Multiple vulnerabilities
2009-04-19 00:00:00
securityvulns
securityvulns
lcms multiple security vulnerabilities
2009-05-25 00:00:00
[ GLSA 200904-19 ] LittleCMS: Multiple vulnerabilities
2009-04-20 00:00:00
Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2009-04-20 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:30:32
Denial Of Service (DoS)
2020-04-10 00:30:31
Arbitrary Code Execution
2020-04-10 00:30:32
nvd
nvd
CVE-2009-0733
2009-03-23 14:19:12
CVE-2009-0581
2009-03-23 14:19:12
CVE-2009-0723
2009-03-23 14:19:12
ubuntucve
ubuntucve
CVE-2009-0733
2009-03-23 00:00:00
CVE-2009-0723
2009-03-23 00:00:00
CVE-2009-0581
2009-03-23 00:00:00
cvelist
cvelist
CVE-2009-0581
2009-03-23 14:00:00
CVE-2009-0733
2009-03-23 14:00:00
CVE-2009-0723
2009-03-23 14:00:00
prion
prion
Memory corruption
2009-03-23 14:19:00
Stack overflow
2009-03-23 14:19:00
Integer overflow
2009-03-23 14:19:00
cve
cve
CVE-2009-0581
2009-03-23 14:19:12
CVE-2009-0733
2009-03-23 14:19:12
CVE-2009-0723
2009-03-23 14:19:12
centos
centos
java security update
2009-04-08 11:56:07
redhat
redhat
(RHSA-2009:0377) Important: java-1.6.0-openjdk security update
2009-04-07 00:00:00

0.004 Low

EPSS

Percentile

74.5%

JSON
Related for RHSA-2009:0339
nessus28openvas57fedora9ubuntu1seebug1debian3oraclelinux2slackware1osv2gentoo1securityvulns3veracode3nvd3ubuntucve3cvelist3prion3cve3centos1redhat1