Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique





















Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: Little CMS, denial of service via monochrome

May 2009 by Vigil@nce

An image with a malicious ICC profile dereferences a NULL pointer in Little CMS.

- Severity: 1/4
- Consequences: denial of service of client
- Provenance: document
- Means of attack: no proof of concept, no attack
- Ability of attacker: expert (4/4)
- Confidence: confirmed by the editor (5/5)
- Diffusion of the vulnerable configuration: high (3/3)
- Creation date: 11/05/2009

IMPACTED PRODUCTS

- Fedora
- Unix - plateform

DESCRIPTION OF THE VULNERABILITY

The Little CMS (lcms, Color Management System) library handles images.

The ICC (International Color Consortium) profile defines color variations needed by each device in order to display identical colors. Some image types, such as JPEG or PNG, can contain ICC profiles.

The cmsBuildGrayOutputMatrixShaper() function of the src/cmsxform.c file of Little CMS reads the monochrome ICC profile of an image. When the profile is invalid, the cmsReadICCGamma() function returns a NULL pointer, which is dereferenced in cmsBuildGrayOutputMatrixShaper().

An attacker can therefore invite the victim to open a malicious image in a software using a monochrome display, in order to stop the application.

CHARACTERISTICS

- Identifiers: CVE-2009-0793, FEDORA-2009-3425, FEDORA-2009-3426, FEDORA-2009-3914, FEDORA-2009-3967, VIGILANCE-VUL-8700
- Url: http://vigilance.fr/vulnerability/Little-CMS-denial-of-service-via-monochrome-8700




See previous articles

    

See next articles