Summary
Ubuntu Update for Linux kernel vulnerabilities USN-652-1
Solution
Please Install the Updated Packages.
Insight
Chris Evans discovered that certain ICC operations in lcms were not correctly bounds-checked. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could crash applications linked against liblcms1, leading to a denial of service, or possibly execute arbitrary code with user privileges.
Affected
lcms vulnerability on Ubuntu 6.06 LTS
Severity
Classification
-
CVE CVE-2007-2741 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities