Candidate: CVE-2009-0723
PublicDate: 2009-03-23 14:19:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0723
 https://ubuntu.com/security/notices/USN-744-1
Description:
 Multiple integer overflows in LittleCMS (aka lcms or liblcms) before
 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow
 context-dependent attackers to execute arbitrary code via a crafted image
 file that triggers a heap-based buffer overflow.  NOTE: some of these
 details are obtained from third party information.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_lcms:
upstream_lcms: released (1.18beta2)
dapper_lcms: released (1.13-1ubuntu0.2)
gutsy_lcms: released (1.16-5ubuntu3.2)
hardy_lcms: released (1.16-7ubuntu1.2)
intrepid_lcms: released (1.16-10ubuntu0.2)
devel_lcms: released (1.17.dfsg-1ubuntu2)