← Back

CVE-2013-7455

nvd nist
Published: May 7, 2016Modified: May 6, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler.

Affected (6)

Littlecms
1 product
Little Cms Color Engine
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Littlecms
Little Cms Color Engine
Version 2.0
Little Cms Color Engine
Version 2.1
Little Cms Color Engine
Version 2.2
Little Cms Color Engine
Version 2.3
Little Cms Color Engine
Version 2.4
Little Cms Color Engine
Version 2.5

References (8)

Source: cret@cert.org
Third Party AdvisoryUS Government Resource
Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.