CVE-2008-5317

Priority
Description
Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in
Little cms color engine (aka lcms) before 1.17 allows attackers to have an
unknown impact via a file containing a certain "number of entries" value,
which is interpreted improperly, leading to an allocation of insufficient
memory.
Notes
Package
Source: lcms (LP Ubuntu Debian)
Upstream:released (1.17)
More Information

Updated: 2020-03-18 21:59:06 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)