← back
CVE-2013-7455

CVE-2013-7455

EPSS 6.2%
Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/mm2/Little-CMS/commit/fefaaa43c382eee632ea3ad0cfa915335140e1dbhttps://penteston.com/OSVDB-105462http://www.kb.cert.org/vuls/id/369800http://www.ubuntu.com/usn/USN-2961-1