Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed, 3 Dec 2008 11:52:59 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: OSS Security <oss-security@...ts.openwall.com>
cc: coley@...re.org
Subject: Re: CVE request: lcms (old issues)


======================================================
Name: CVE-2008-5316
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5316
Reference: MLIST:[oss-security] 20081128 CVE request: lcms (old issues)
Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/28/3
Reference: CONFIRM:http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsio1.c?r1=1.33&r2=1.34

Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in
Little cms color engine (aka lcms) before 1.16 allows attackers to
have an unknown impact via vectors related to a length parameter
inconsistency involving the contents of "the input file," a different
vulnerability than CVE-2007-2741.


======================================================
Name: CVE-2008-5317
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5317
Reference: MLIST:[oss-security] 20081128 CVE request: lcms (old issues)
Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/28/3
Reference: CONFIRM:http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsgamma.c?view=diff&r1=1.16&r2=1.17

Integer signedness error in the cmsAllocGamma function in
src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17
allows attackers to have an unknown impact via a file containing a
certain "number of entries" value, which is interpreted improperly,
leading to an allocation of insufficient memory.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ