MGASA-2013-0240

Source
https://advisories.mageia.org/MGASA-2013-0240.html
Import Source
https://advisories.mageia.org/MGASA-2013-0240.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2013-0240
Related
Published
2013-08-09T17:30:53Z
Modified
2013-08-09T17:30:42Z
Summary
Updated lcms2 packages fixes security vulnerability
Details

It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash (CVE-2013-4160).

References
Credits

Affected packages

Mageia:2 / lcms2

Package

Name
lcms2
Purl
pkg:rpm/mageia/lcms2?distro=mageia-2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.5-1.mga2

Ecosystem specific

{
    "section": "core"
}

Mageia:3 / lcms2

Package

Name
lcms2
Purl
pkg:rpm/mageia/lcms2?distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.5-1.mga3

Ecosystem specific

{
    "section": "core"
}