CVE-2007-2741

Published: 17 May 2007

Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file.

Priority

Status

Package	Release	Status
lcms Launchpad, Ubuntu, Debian	upstream	Released (1.15)
	dapper	Released (1.13-1ubuntu0.1)
	edgy	Not vulnerable
	feisty	Not vulnerable
	gutsy	Not vulnerable
	hardy	Not vulnerable

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2741
https://ubuntu.com/security/notices/USN-652-1
NVD
Launchpad
Debian

Bugs

https://bugs.launchpad.net/ubuntu/+source/lcms/+bug/174613

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›