Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2008-5316

Published: 3 December 2008

Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a different vulnerability than CVE-2007-2741.

Notes

AuthorNote
kees 
this was included in the USN that addressed CVE-2007-2741.

Priority

Low

Status

Package Release Status
lcms
Launchpad, Ubuntu, Debian 		upstream
Released (1.16)
dapper
Released (1.13-1ubuntu0.1)
gutsy Not vulnerable

hardy Not vulnerable

intrepid Not vulnerable

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading