vulnerability

SUSE: CVE-2018-16435: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
2018-09-03
Added
2018-10-28
Modified
2021-10-22

Description

Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.

Solution(s)

suse-upgrade-java-1_7_0-openjdksuse-upgrade-java-1_7_0-openjdk-demosuse-upgrade-java-1_7_0-openjdk-develsuse-upgrade-java-1_7_0-openjdk-headlesssuse-upgrade-java-1_8_0-openjdksuse-upgrade-java-1_8_0-openjdk-accessibilitysuse-upgrade-java-1_8_0-openjdk-demosuse-upgrade-java-1_8_0-openjdk-develsuse-upgrade-java-1_8_0-openjdk-headlesssuse-upgrade-java-1_8_0-openjdk-javadocsuse-upgrade-java-1_8_0-openjdk-srcsuse-upgrade-lcms2suse-upgrade-liblcms2-2suse-upgrade-liblcms2-2-32bitsuse-upgrade-liblcms2-develsuse-upgrade-liblcms2-devel-32bitsuse-upgrade-liblcms2-doc

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today