Executive Summary

Informations
NameCVE-2009-0733First vendor Publication2009-03-23
VendorCveLast vendor Modification2011-03-07

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0733

CWE : Common Weakness Enumeration

idName
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:9742
 
Oval ID: oval:org.mitre.oval:def:9742
Title: Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.
Description: Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0733
Version: 5
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7412
 
Oval ID: oval:org.mitre.oval:def:7412
Title: DSA-1745 lcms -- several vulnerabilities
Description: Several security issues have been discovered in lcms, a color management library. The Common Vulnerabilities and Exposures project identifies the following problems: Chris Evans discovered that lcms is affected by a memory leak, which could result in a denial of service via specially crafted image files. Chris Evans discovered that lcms is prone to several integer overflows via specially crafted image files, which could lead to the execution of arbitrary code. Chris Evans discovered the lack of upper-bounds check on sizes leading to a buffer overflow, which could be used to execute arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1745
CVE-2009-0581
CVE-2009-0723
CVE-2009-0733
Version: 3
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): lcms
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13746
 
Oval ID: oval:org.mitre.oval:def:13746
Title: DSA-1745-1 lcms -- several vulnerabilities
Description: Several security issues have been discovered in lcms, a color management library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0581 Chris Evans discovered that lcms is affected by a memory leak, which could result in a denial of service via specially crafted image files. CVE-2009-0723 Chris Evans discovered that lcms is prone to several integer overflows via specially crafted image files, which could lead to the execution of arbitrary code. CVE-2009-0733 Chris Evans discovered the lack of upper-gounds check on sizes leading to a buffer overflow, which could be used to execute arbitrary code. For the stable distribution, these problems have been fixed in version 1.17.dfsg-1+lenny1. For the oldstable distribution, these problems have been fixed in version 1.15-1.1+etch2. For the testing distribution and the unstable distribution, these problems will be fixed soon. We recommend that you upgrade your lcms packages.
Family: unix Class: patch
Reference(s): DSA-1745-1
CVE-2009-0581
CVE-2009-0723
CVE-2009-0733
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): lcms
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13591
 
Oval ID: oval:org.mitre.oval:def:13591
Title: DSA-1745-2 lcms -- several vulnerabilities
Description: This update fixes a possible regression introduced in DSA-1745-1 and also enhances the security patch. For reference the original advisory text is below. Several security issues have been discovered in lcms, a color management library. The Common Vulnerabilities andi Exposures project identifies the following problems: CVE-2009-0581 Chris Evans discovered that lcms is affected by a memory leak, which could result in a denial of service via specially crafted image files. CVE-2009-0723 Chris Evans discovered that lcms is prone to several integer overflows via specially crafted image files, which could lead to the execution of arbitrary code. CVE-2009-0733 Chris Evans discovered the lack of upper-gounds check on sizes leading to a buffer overflow, which could be used to execute arbitrary code. For the stable distribution, these problems have been fixed in version 1.17.dfsg-1+lenny2. For the oldstable distribution, these problems have been fixed in version 1.15-1.1+etch3. For the testing distribution and the unstable distribution, these problems will be fixed soon. We recommend that you upgrade your lcms packages.
Family: unix Class: patch
Reference(s): DSA-1745-2
CVE-2009-0581
CVE-2009-0723
CVE-2009-0733
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): lcms
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13131
 
Oval ID: oval:org.mitre.oval:def:13131
Title: USN-744-1 -- lcms vulnerabilities
Description: Chris Evans discovered that LittleCMS did not properly handle certain error conditions, resulting in a large memory leak. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could cause a denial of service. Chris Evans discovered that LittleCMS contained multiple integer overflows. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could crash applications linked against liblcms1, leading to a denial of service, or possibly execute arbitrary code with user privileges. Chris Evans discovered that LittleCMS did not properly perform bounds checking, leading to a buffer overflow. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could execute arbitrary code with user privileges
Family: unix Class: patch
Reference(s): USN-744-1
CVE-2009-0581
CVE-2009-0723
CVE-2009-0733
Version: 5
Platform(s): Ubuntu 7.10
Ubuntu 8.04
Ubuntu 6.06
Ubuntu 8.10
Product(s): lcms
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22595
 
Oval ID: oval:org.mitre.oval:def:22595
Title: ELSA-2009:0339: lcms security update (Moderate)
Description: Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.
Family: unix Class: patch
Reference(s): ELSA-2009:0339-01
CVE-2009-0581
CVE-2009-0723
CVE-2009-0733
Version: 17
Platform(s): Oracle Linux 5
Product(s): lcms
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application11
Application1
Application1

OpenVAS Exploits

DateDescription
2011-08-09Name : CentOS Update for java CESA-2009:0377 centos5 i386
File : nvt/gb_CESA-2009_0377_java_centos5_i386.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:121-1 (lcms)
File : nvt/mdksa_2009_121_1.nasl
2009-10-13Name : SLES10: Security update for liblcms
File : nvt/sles10_liblcms.nasl
2009-10-11Name : SLES11: Security update for lcms
File : nvt/sles11_lcms.nasl
2009-10-10Name : SLES9: Security update for liblcms
File : nvt/sles9p5045880.nasl
2009-08-17Name : Mandrake Security Advisory MDVSA-2009:162 (java-1.6.0-openjdk)
File : nvt/mdksa_2009_162.nasl
2009-06-23Name : Mandrake Security Advisory MDVSA-2009:137 (java-1.6.0-openjdk)
File : nvt/mdksa_2009_137.nasl
2009-06-05Name : Ubuntu USN-743-1 (gs-gpl)
File : nvt/ubuntu_743_1.nasl
2009-06-05Name : Ubuntu USN-744-1 (lcms)
File : nvt/ubuntu_744_1.nasl
2009-06-05Name : Mandrake Security Advisory MDVSA-2009:121 (lcms)
File : nvt/mdksa_2009_121.nasl
2009-05-11Name : Fedora Core 9 FEDORA-2009-3914 (lcms)
File : nvt/fcore_2009_3914.nasl
2009-05-11Name : Fedora Core 10 FEDORA-2009-3967 (lcms)
File : nvt/fcore_2009_3967.nasl
2009-04-20Name : Gentoo Security Advisory GLSA 200904-19 (littlecms)
File : nvt/glsa_200904_19.nasl
2009-04-15Name : RedHat Security Advisory RHSA-2009:0377
File : nvt/RHSA_2009_0377.nasl
2009-04-15Name : Debian Security Advisory DSA 1769-1 (openjdk-6)
File : nvt/deb_1769_1.nasl
2009-04-15Name : CentOS Security Advisory CESA-2009:0377 (java-1.6.0-openjdk)
File : nvt/ovcesa2009_0377.nasl
2009-03-31Name : Debian Security Advisory DSA 1745-1 (lcms)
File : nvt/deb_1745_1.nasl
2009-03-31Name : Debian Security Advisory DSA 1745-2 (lcms)
File : nvt/deb_1745_2.nasl
2009-03-31Name : Fedora Core 10 FEDORA-2009-2903 (lcms)
File : nvt/fcore_2009_2903.nasl
2009-03-31Name : Fedora Core 9 FEDORA-2009-2910 (lcms)
File : nvt/fcore_2009_2910.nasl
2009-03-31Name : Fedora Core 9 FEDORA-2009-2928 (lcms)
File : nvt/fcore_2009_2928.nasl
2009-03-31Name : Fedora Core 10 FEDORA-2009-2970 (lcms)
File : nvt/fcore_2009_2970.nasl
2009-03-31Name : Fedora Core 10 FEDORA-2009-2982 (java-1.6.0-openjdk)
File : nvt/fcore_2009_2982.nasl
2009-03-31Name : Fedora Core 9 FEDORA-2009-2983 (java-1.6.0-openjdk)
File : nvt/fcore_2009_2983.nasl
2009-03-31Name : Fedora Core 9 FEDORA-2009-3034 (java-1.6.0-openjdk)
File : nvt/fcore_2009_3034.nasl
2009-03-31Name : SuSE Security Summary SUSE-SR:2009:007
File : nvt/suse_sr_2009_007.nasl
2009-03-20Name : RedHat Security Advisory RHSA-2009:0339
File : nvt/RHSA_2009_0339.nasl
0000-00-00Name : Slackware Advisory SSA:2009-083-01 lcms
File : nvt/esoft_slk_ssa_2009_083_01.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
56309Little CMS (lcms) ReadSetOfCurves Function Image File Handling Overflow

Nessus® Vulnerability Scanner

DateDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0339.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0377.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090319_lcms_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2010-01-06Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-0377.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_liblcms-6048.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12361.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_lcms-090317.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_1_java-1_6_0-openjdk-090312.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_0_java-1_6_0-openjdk-090312.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_1_lcms-090309.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_0_lcms-090309.nasl - Type : ACT_GATHER_INFO
2009-06-21Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-137.nasl - Type : ACT_GATHER_INFO
2009-05-22Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-121.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-744-1.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Fedora host is missing a security update.
File : fedora_2009-2903.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Fedora host is missing a security update.
File : fedora_2009-2970.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Fedora host is missing a security update.
File : fedora_2009-2982.nasl - Type : ACT_GATHER_INFO
2009-04-21Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200904-19.nasl - Type : ACT_GATHER_INFO
2009-04-13Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1769.nasl - Type : ACT_GATHER_INFO
2009-04-08Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0377.nasl - Type : ACT_GATHER_INFO
2009-03-27Name : The remote Fedora host is missing a security update.
File : fedora_2009-3034.nasl - Type : ACT_GATHER_INFO
2009-03-25Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-083-01.nasl - Type : ACT_GATHER_INFO
2009-03-24Name : The remote openSUSE host is missing a security update.
File : suse_liblcms-6049.nasl - Type : ACT_GATHER_INFO
2009-03-24Name : The remote Fedora host is missing a security update.
File : fedora_2009-2910.nasl - Type : ACT_GATHER_INFO
2009-03-24Name : The remote Fedora host is missing a security update.
File : fedora_2009-2928.nasl - Type : ACT_GATHER_INFO
2009-03-24Name : The remote Fedora host is missing a security update.
File : fedora_2009-2983.nasl - Type : ACT_GATHER_INFO
2009-03-20Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1745.nasl - Type : ACT_GATHER_INFO
2009-03-20Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0339.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/34185
BUGTRAQhttp://www.securityfocus.com/archive/1/archive/1/502018/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/502031/100/0/threaded
CONFIRMhttps://bugzilla.redhat.com/show_bug.cgi?id=487512
DEBIANhttp://www.debian.org/security/2009/dsa-1745
http://www.debian.org/security/2009/dsa-1769
FEDORAhttps://www.redhat.com/archives/fedora-package-announce/2009-March/msg00794.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00799.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00811.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00851.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00856.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00857.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00921.html
GENTOOhttp://security.gentoo.org/glsa/glsa-200904-19.xml
MANDRIVAhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:121
http://www.mandriva.com/security/advisories?name=MDVSA-2009:137
http://www.mandriva.com/security/advisories?name=MDVSA-2009:162
MISChttp://scary.beasts.org/security/CESA-2009-003.html
http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html
http://www.ocert.org/advisories/ocert-2009-003.html
REDHAThttp://www.redhat.com/support/errata/RHSA-2009-0339.html
https://rhn.redhat.com/errata/RHSA-2009-0377.html
SECTRACKhttp://www.securitytracker.com/id?1021869
SECUNIAhttp://secunia.com/advisories/34367
http://secunia.com/advisories/34382
http://secunia.com/advisories/34400
http://secunia.com/advisories/34408
http://secunia.com/advisories/34418
http://secunia.com/advisories/34442
http://secunia.com/advisories/34450
http://secunia.com/advisories/34454
http://secunia.com/advisories/34463
http://secunia.com/advisories/34632
http://secunia.com/advisories/34675
http://secunia.com/advisories/34782
SLACKWAREhttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&...
SUSEhttp://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html
UBUNTUhttp://www.ubuntu.com/usn/USN-744-1
VUPENhttp://www.vupen.com/english/advisories/2009/0775
XFhttp://xforce.iss.net/xforce/xfdb/49330
http://xforce.iss.net/xforce/xfdb/49330

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:49:00
  • Multiple Updates
2013-05-10 23:45:11
  • Multiple Updates