← volver
CVE-2013-7455

CVE-2013-7455

EPSS 6.2%
Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/mm2/Little-CMS/commit/fefaaa43c382eee632ea3ad0cfa915335140e1dbhttps://penteston.com/OSVDB-105462http://www.kb.cert.org/vuls/id/369800http://www.ubuntu.com/usn/USN-2961-1