http://labs.idefense.com/intelligence/vulnerabilities/
Aug 12, 2008
I. BACKGROUND
Microsoft Windows Color Management Module provides consistent color
mappings between different devices and applications. It is also used to
transform colors between color spaces. For more information about
Windows Color Management, visit the following URL.
http://www.microsoft.com/whdc/archive/icmwp.mspx
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Oracle Java.
The vulnerability is caused by an integer truncation error in the
Color Management Module (CMM) when processing a malformed "bfd" tag
within an ICC profile, which could be exploited by attackers to
execute arbitrary code by tricking a user into visiting a specially
crafted web page.
CVSS Score: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Oracle Java.
The vulnerability is caused by an integer overflow error in the Color
Management Module (CMM) when processing a malformed "scrn" tag within
an ICC profile, which could be exploited by attackers to execute arbitrary
code by tricking a user into visiting a specially crafted web page.
CVSS Score: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Oracle Java.
The vulnerability is caused by an integer overflow error in the Color
Management Module (CMM) when processing a malformed "pseq" tag within
an ICC profile, which could be exploited by attackers to execute arbitrary
code by tricking a user into visiting a specially crafted web page.
CVSS Score: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Oracle Java.
The vulnerability is caused by an integer overflow error in the Color
Management Module (CMM) when processing a malformed "clrt" tag within
an ICC profile, which could be exploited by attackers to execute arbitrary
code by tricking a user into visiting a specially crafted web page.
CVSS Score: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Oracle Java.
The vulnerability is caused by an integer overflow error in the Color
Management Module (CMM) when processing a malformed "mluc" tag within
an ICC profile, which could be exploited by attackers to execute arbitrary
code by tricking a user into visiting a specially crafted web page.
CVSS Score: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
#2009-003 LittleCMS integer errors
Description:
LittleCMS, an open source color management engine, suffers from several
integer errors, resulting in stack based buffer overflows and various heap
errors as well as dangerous memory leaks. Decoding a specially crafted
image file will result in unexpected process termination, Denial Of
Service conditions or arbitrary code execution due to stack overflow.
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Oracle Java.
The vulnerability is caused by an integer overflow error in the Color
Management Module (CMM) when processing a malformed "ncl2" tag within
an ICC profile, which could be exploited by attackers to execute arbitrary
code by tricking a user into visiting a specially crafted web page.
CVSS Score: 10 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2008-5316 CVE-2008-5317
Two vulnerabilities have been found in lcms, a library and set of
commandline utilities for image color management. The Common
Vulnerabilities and Exposures project identifies the following
problems:
CVE-2008-5316
