VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Dec 3, 2008· Updated Apr 23, 2026

CVE-2008-5316

CVE-2008-5316

Description

Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a different vulnerability than CVE-2007-2741.

Affected products

18
  • Littlecms/Lcms9 versions
    cpe:2.3:a:littlecms:lcms:*:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:littlecms:lcms:*:*:*:*:*:*:*:*range: <=1.15
    • cpe:2.3:a:littlecms:lcms:1.07:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:lcms:1.08:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:lcms:1.09:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:lcms:1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:lcms:1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:lcms:1.12:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:lcms:1.13:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:lcms:1.14:*:*:*:*:*:*:*
  • Littlecms/Little Cms Color Engine9 versions
    cpe:2.3:a:littlecms:little_cms_color_engine:*:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:littlecms:little_cms_color_engine:*:*:*:*:*:*:*:*range: <=1.15
    • cpe:2.3:a:littlecms:little_cms_color_engine:1.07:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:little_cms_color_engine:1.08:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:little_cms_color_engine:1.09:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:little_cms_color_engine:1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:little_cms_color_engine:1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:little_cms_color_engine:1.12:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:little_cms_color_engine:1.13:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:little_cms_color_engine:1.14:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

News mentions

0

No linked articles in our index yet.