The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
History
20 Dec 2023, 16:43
Type | Values Removed | Values Added |
---|---|---|
First Time | Netapp e-series Santricity Management; Netapp active Iq Unified Manager; Redhat enterprise Linux Server Tus; Redhat; Netapp oncommand Unified Manager; Netapp oncommand Insight; Netapp; Redhat enterprise Linux Desktop; Netapp oncommand Balance; Canonical ubuntu Linux; Redhat enterprise Linux Server Aus; Redhat satellite; Netapp oncommand Shift; Redhat enterprise Linux Server Eus; Netapp oncommand Performance Manager; Redhat enterprise Linux Workstation; Canonical; Redhat enterprise Linux Server; Netapp e-series Santricity Os Controller | |
References | (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html - Patch | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:3267 - Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20171019-0001/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/3770-1/ - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/3770-2/ - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:3264 - Third Party Advisory | |
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2016-2079.html - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:3046 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:3268 - Third Party Advisory | |
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2016-2658.html - Third Party Advisory | |
References | (SECTRACK) http://www.securitytracker.com/id/1039596 - Third Party Advisory, VDB Entry | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:2999 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:3453 - Third Party Advisory | |
Information
Published : 2017-02-03 19:59
Updated : 2024-02-28 15:44
NVD link : CVE-2016-10165
Mitre link : CVE-2016-10165
CVE.ORG link : CVE-2016-10165
Products Affected
redhat
- enterprise_linux_server_tus
- enterprise_linux_workstation
- enterprise_linux_server_eus
- enterprise_linux_server_aus
- enterprise_linux_desktop
- satellite
- enterprise_linux_server
littlecms
- little_cms_color_engine
netapp
- e-series_santricity_management
- active_iq_unified_manager
- e-series_santricity_os_controller
- oncommand_shift
- oncommand_insight
- oncommand_performance_manager
- oncommand_unified_manager
- oncommand_balance
debian
- debian_linux
opensuse
- leap
canonical
- ubuntu_linux
CWE
CWE-125
Out-of-bounds Read