CVE-2007-2741

Publication date 17 May 2007

Last updated 24 July 2024

Ubuntu priority

Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
lcms	8.04 LTS hardy	Not affected
	7.10 gutsy	Not affected
	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Fixed 1.13-1ubuntu0.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-652-1
LittleCMS vulnerability
14 October 2008

Other references

https://www.cve.org/CVERecord?id=CVE-2007-2741