CVE-2018-16435

moderate-risk
Published 2018-09-04

Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.

Do I need to act?

-
0.45% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (10)

Affected Vendors

Debian Redhat Canonical Littlecms

References (16)

Third Party Advisory https://access.redhat.com/errata/RHSA-2018:3004
Patch https://github.com/mm2/Little-CMS/commit/768f70ca405cd3159d990e962d54456773bb8cf...
Exploit https://github.com/mm2/Little-CMS/issues/171
Mailing List https://lists.debian.org/debian-lts-announce/2018/09/msg00005.html
https://security.gentoo.org/glsa/202105-18
Third Party Advisory https://usn.ubuntu.com/3770-1/
Third Party Advisory https://usn.ubuntu.com/3770-2/
Third Party Advisory https://www.debian.org/security/2018/dsa-4284
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:3004
Patch https://github.com/mm2/Little-CMS/commit/768f70ca405cd3159d990e962d54456773bb8cf...
Exploit https://github.com/mm2/Little-CMS/issues/171
Mailing List https://lists.debian.org/debian-lts-announce/2018/09/msg00005.html
https://security.gentoo.org/glsa/202105-18
Third Party Advisory https://usn.ubuntu.com/3770-1/
Third Party Advisory https://usn.ubuntu.com/3770-2/
Third Party Advisory https://www.debian.org/security/2018/dsa-4284
36
/ 100
moderate-risk
Severity 18/34 · Moderate
Exploitability 2/34 · Minimal
Exposure 16/34 · Moderate