CVE-2008-5317
Publication date 3 December 2008
Last updated 24 July 2024
Ubuntu priority
Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain “number of entries” value, which is interpreted improperly, leading to an allocation of insufficient memory.
Status
Package | Ubuntu Release | Status |
---|---|---|
lcms | 8.10 intrepid |
Fixed 1.16-10ubuntu0.1
|
8.04 LTS hardy |
Fixed 1.16-7ubuntu1.1
|
|
7.10 gutsy |
Fixed 1.16-5ubuntu3.1
|
|
6.06 LTS dapper |
Fixed 1.13-1ubuntu0.1
|