#2009-003 LittleCMS integer errors
Description:
LittleCMS, an open source color management engine, suffers from several
integer errors, resulting in stack based buffer overflows and various heap
errors as well as dangerous memory leaks. Decoding a specially crafted
image file will result in unexpected process termination, Denial Of
Service conditions or arbitrary code execution due to stack overflow.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: LittleCMS: Multiple vulnerabilities
Date: April 19, 2009
Bugs: #260269, #264604
ID: 200904-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
Chris Evans discovered that LittleCMS did not properly handle certain error
conditions, resulting in a large memory leak. If a user or automated system
were tricked into processing an image with malicious ICC tags, a remote
attacker could cause a denial of service. (CVE-2009-0581)
Chris Evans discovered that LittleCMS contained multiple integer overflows.

Hi,
LittleCMS (or lcms) prior to v1.18beta2 contains various integer
overflow, buffer overflow and memory leak errors. At least one of
these bugs is a stack-based buffer overflow which is good for
arbitrary code execution. I have an exploit that works on my
Ubuntu-8.10 laptop but am holding off on releasing it just yet.
The most serious bug is a stack-based buffer overflow in
ReadSetOfCurves() in cmsio1.c. With some code paths, validation of the
_______________________________________________________________________
Problem Description:
Multiple security vulnerabilities have been identified and fixed in
Little cms:
A memory leak flaw allows remote attackers to cause a denial of service
(memory consumption and application crash) via a crafted image file
(CVE-2009-0581).

implementation of the Java SE platform.
Creation of large, temporary fonts could use up available disk space,
leading to a denial of service condition (CVE-2006-2426).
Several vulnerabilities existed in the embedded LittleCMS library,
exploitable through crafted images: a memory leak, resulting in a
denial of service condition (CVE-2009-0581), heap-based buffer
overflows, potentially allowing arbitrary code execution
(CVE-2009-0723, CVE-2009-0733), and a null-pointer dereference,
leading to denial of service (CVE-2009-0793).
_______________________________________________________________________
Problem Description:
Multiple security vulnerabilities have been identified and fixed in
Little cms library embedded in OpenJDK:
A memory leak flaw allows remote attackers to cause a denial of service
(memory consumption and application crash) via a crafted image file
(CVE-2009-0581).
_______________________________________________________________________
Problem Description:
Multiple security vulnerabilities have been identified and fixed in
Little cms:
A memory leak flaw allows remote attackers to cause a denial of service
(memory consumption and application crash) via a crafted image file
(CVE-2009-0581).
Affected: Corporate 3.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows
remote attackers to execute arbitrary code or cause a denial of service
(application crash) via a crafted ICC profile in a JPG file.
Updated package fixes this issue.
_______________________________________________________________________
===========================================================
Ubuntu Security Notice USN-693-1 December 17, 2008
LittleCMS vulnerability
CVE-2008-5317
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 7.10
Ubuntu 8.04 LTS
_______________________________________________________________________
Problem Description:
Multiple security vulnerabilities have been identified and fixed in
Little cms library embedded in OpenJDK:
A memory leak flaw allows remote attackers to cause a denial of service
(memory consumption and application crash) via a crafted image file
(CVE-2009-0581).