← Back

Lcms

lcms

Vendor: Littlecms • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2009-0793
2Littlecms
Sun
2Lcms
Openjdk
Apr 23, 2026
Apr 9, 2009
N/A· v4
N/A· v3
4.3 MEDIUM· v2
cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that tr...Show more
cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."Show less
CVE-2008-5317
1Littlecms
2Lcms
Little Cms Color Engine
Apr 23, 2026
Dec 3, 2008
N/A· v4
N/A· v3
10.0 HIGH· v2
Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" va...Show more
Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient memory.Show less
CVE-2008-5316
1Littlecms
2Lcms
Little Cms Color Engine
Apr 23, 2026
Dec 3, 2008
N/A· v4
N/A· v3
10.0 HIGH· v2
Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency inv...Show more
Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a different vulnerability than CVE-2007-2741.Show less
CVE-2007-2741
1Littlecms
1Lcms
Apr 23, 2026
May 17, 2007
N/A· v4
N/A· v3
9.3 HIGH· v2
Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file.