The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
History
20 Dec 2023, 16:43
Type | Values Removed | Values Added |
---|---|---|
First Time | Redhat enterprise Linux Desktop; Redhat enterprise Linux Server Tus; Netapp; Netapp e-series Santricity Management; Netapp active Iq Unified Manager; Netapp oncommand Unified Manager; Canonical ubuntu Linux; Redhat enterprise Linux Server; Netapp e-series Santricity Os Controller; Redhat satellite; Canonical; Netapp oncommand Balance; Netapp oncommand Insight; Netapp oncommand Performance Manager; Redhat enterprise Linux Server Aus; Redhat; Redhat enterprise Linux Server Eus; Netapp oncommand Shift; Redhat enterprise Linux Workstation | |
References | http://rhn.redhat.com/errata/RHSA-2016-2079.html - Third Party Advisory | |
References | http://rhn.redhat.com/errata/RHSA-2016-2658.html - Third Party Advisory | |
References | http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html - Patch | |
References | http://www.securitytracker.com/id/1039596 - Third Party Advisory, VDB Entry | |
References | https://access.redhat.com/errata/RHSA-2017:2999 - Third Party Advisory | |
References | https://access.redhat.com/errata/RHSA-2017:3046 - Third Party Advisory | |
References | https://access.redhat.com/errata/RHSA-2017:3264 - Third Party Advisory | |
References | https://access.redhat.com/errata/RHSA-2017:3267 - Third Party Advisory | |
References | https://access.redhat.com/errata/RHSA-2017:3268 - Third Party Advisory | |
References | https://access.redhat.com/errata/RHSA-2017:3453 - Third Party Advisory | |
References | https://security.netapp.com/advisory/ntap-20171019-0001/ - Third Party Advisory | |
References | https://usn.ubuntu.com/3770-1/ - Third Party Advisory | |
References | https://usn.ubuntu.com/3770-2/ - Third Party Advisory | |
Information
Published : 2017-02-03 19:59
Updated : 2024-01-10 18:26
NVD link : CVE-2016-10165
Mitre link : CVE-2016-10165
CVE.ORG link : CVE-2016-10165
Products Affected
redhat
- enterprise_linux_server
- enterprise_linux_server_aus
- enterprise_linux_server_tus
- enterprise_linux_desktop
- enterprise_linux_workstation
- satellite
- enterprise_linux_server_eus
littlecms
- little_cms_color_engine
netapp
- oncommand_balance
- oncommand_insight
- active_iq_unified_manager
- oncommand_unified_manager
- oncommand_shift
- e-series_santricity_management
- oncommand_performance_manager
- e-series_santricity_os_controller
opensuse
- leap
debian
- debian_linux
canonical
- ubuntu_linux
CWE
CWE-125
Out-of-bounds Read