Vulnerability in Argyllcms
CVE-2012-1616
Use-after-free vulnerability in icclib before 2.13, as used by Argyll CMS before 1.4 and possibly other programs, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted ICC profile file.
EPSS: 0.048 (90.8th percentile)
Affected products
- Argyllcms — versions 0.1.0, 0.2.0, 0.2.1
- Color Icclib — versions 1.23, 2.00, 2.02
Weakness classification (CWE)