FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

lcms2 -- Null Pointer Dereference Denial of Service Vulnerability

Affected packages
lcms2 < 2.5

Details

VuXML ID 9a0a892e-05d8-11e3-ba09-000c29784fd1
Discovery 2013-07-22
Entry 2013-08-15
Modified 2013-08-19

Mageia security team reports:

It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash (CVE-2013-4160).

References

CVE Name CVE-2013-4160
URL http://advisories.mageia.org/MGASA-2013-0240.html
URL https://bugs.mageia.org/show_bug.cgi?id=10816