VDB
CVE-2009-0723
CVE-2009-0723
PUBLISHED
Reported by mitre · Published March 23, 2009
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, n/a |
Exploit Intelligence
- http://scary.beasts.org/security/CESA-2009-003.html (vulncheck-nvd)
- http://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html (vulncheck-nvd)
Timeline
- Mar 23, 2009 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- FEDORA-2009-2970 vendor-advisoryx_refsource_FEDORA
- MDVSA-2009:137 vendor-advisoryx_refsource_MANDRIVA
- 34632 third-party-advisoryx_refsource_SECUNIA
- 34450 third-party-advisoryx_refsource_SECUNIA
- 1021869 vdb-entryx_refsource_SECTRACK
- FEDORA-2009-2928 vendor-advisoryx_refsource_FEDORA
- SUSE-SR:2009:007 vendor-advisoryx_refsource_SUSE
- USN-744-1 vendor-advisoryx_refsource_UBUNTU
- DSA-1745 vendor-advisoryx_refsource_DEBIAN
- 34675 third-party-advisoryx_refsource_SECUNIA
- 34454 third-party-advisoryx_refsource_SECUNIA
- 34442 third-party-advisoryx_refsource_SECUNIA
- FEDORA-2009-2982 vendor-advisoryx_refsource_FEDORA
- FEDORA-2009-3034 vendor-advisoryx_refsource_FEDORA
- FEDORA-2009-2903 vendor-advisoryx_refsource_FEDORA
- x_refsource_MISC
- 34382 third-party-advisoryx_refsource_SECUNIA
- SSA:2009-083-01 vendor-advisoryx_refsource_SLACKWARE
- littlecms-unspecified-bo(49326) vdb-entryx_refsource_XF
- x_refsource_CONFIRM
…and 21 more