SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2009-0581

Date: (C)2009-03-23 (M)2023-12-22

Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL

Reference:

SECTRACK-1021870

http://www.securityfocus.com/archive/1/502018/100/0/threaded

http://www.securityfocus.com/archive/1/502031/100/0/threaded

FEDORA-2009-2903

FEDORA-2009-2910

FEDORA-2009-2928

FEDORA-2009-2970

FEDORA-2009-2982

FEDORA-2009-2983

FEDORA-2009-3034

SSA:2009-083-01

SUSE-SR:2009:007

http://scary.beasts.org/security/CESA-2009-003.html

http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html

http://www.ocert.org/advisories/ocert-2009-003.html

https://bugzilla.redhat.com/show_bug.cgi?id=487509

littlecms-unspecified-dos(49328)

oval:org.mitre.oval:def:10023

oval:org.secpod.oval:def:600416
oval:org.secpod.oval:def:300942
oval:org.mitre.oval:def:8037
oval:org.secpod.oval:def:202087
...

© SecPod Technologies