cpe:/a:littlecms:lcms:1.07 cpe:/a:littlecms:lcms:1.08 cpe:/a:littlecms:lcms:1.09 cpe:/a:littlecms:lcms:1.10 cpe:/a:littlecms:lcms:1.11 cpe:/a:littlecms:lcms:1.12 cpe:/a:littlecms:lcms:1.13 cpe:/a:littlecms:lcms:1.14 cpe:/a:littlecms:lcms:1.15 cpe:/a:littlecms:lcms:1.16 cpe:/a:littlecms:little_cms_color_engine:1.07 cpe:/a:littlecms:little_cms_color_engine:1.08 cpe:/a:littlecms:little_cms_color_engine:1.09 cpe:/a:littlecms:little_cms_color_engine:1.10 cpe:/a:littlecms:little_cms_color_engine:1.11 cpe:/a:littlecms:little_cms_color_engine:1.12 cpe:/a:littlecms:little_cms_color_engine:1.13 cpe:/a:littlecms:little_cms_color_engine:1.14 cpe:/a:littlecms:little_cms_color_engine:1.15 cpe:/a:littlecms:little_cms_color_engine:1.16 CVE-2008-5317 2008-12-03T12:30:00.540-05:00 2018-10-03T17:56:27.840-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-12-04T10:59:00.000-05:00 BID 32708 SECUNIA 33066 SECUNIA 33219 DEBIAN DSA-1684 REDHAT RHSA-2009:0011 UBUNTU USN-693-1 MLIST [oss-security] 20081128 CVE request: lcms (old issues) CONFIRM http://lcms.cvs.sourceforge.net/viewvc/lcms/lcms/src/cmsgamma.c?view=diff&r1=1.16&r2=1.17 XF lcms-cmsallocgamma-bo(47120) Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient memory.