mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-13 07:12:47 +00:00
783 B
783 B
CVE-2016-10165
Description
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
POC
Reference
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- https://usn.ubuntu.com/3770-1/