cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2009-04-09 15:08
Updated : 2024-02-04 17:33
NVD link : CVE-2009-0793
Mitre link : CVE-2009-0793
CVE.ORG link : CVE-2009-0793
JSON object : View
Products Affected
sun
- openjdk
littlecms
- lcms
CWE
CWE-20
Improper Input Validation