Candidate: CVE-2009-0733
PublicDate: 2009-03-23 14:19:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733
 https://ubuntu.com/security/notices/USN-744-1
Description:
 Multiple stack-based buffer overflows in the ReadSetOfCurves function in
 LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox
 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute
 arbitrary code via a crafted image file associated with a large integer
 value for the (1) input or (2) output channel, related to the ReadLUT_A2B
 and ReadLUT_B2A functions.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_lcms:
upstream_lcms: released (1.18beta2)
dapper_lcms: released (1.13-1ubuntu0.2)
gutsy_lcms: released (1.16-5ubuntu3.2)
hardy_lcms: released (1.16-7ubuntu1.2)
intrepid_lcms: released (1.16-10ubuntu0.2)
devel_lcms: released (1.17.dfsg-1ubuntu2)