cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 01:17
Type | Values Removed | Values Added |
---|---|---|
Summary | cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles." | |
References |
|
02 Feb 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | CVE-2009-0793 lcms: Null pointer dereference (DoS) by handling transformations of monochrome profiles |
Information
Published : 2009-04-09 15:08
Updated : 2023-12-10 10:51
NVD link : CVE-2009-0793
Mitre link : CVE-2009-0793
CVE.ORG link : CVE-2009-0793
JSON object : View
Products Affected
littlecms
- lcms
sun
- openjdk
CWE
CWE-20
Improper Input Validation