VYPR
Unrated severityNVD Advisory· Published Mar 23, 2009· Updated Jun 16, 2026

CVE-2009-0723

CVE-2009-0723

Description

Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*
    Range: <2.9.2
  • cpe:2.3:a:littlecms:little_cms:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:littlecms:little_cms:*:*:*:*:*:*:*:*range: <=1.17
    • (no CPE)range: <1.18beta2
  • cpe:2.3:a:mozilla:firefox:3.1:beta1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mozilla:firefox:3.1:beta1:*:*:*:*:*:*
    • (no CPE)range: 3.1beta
  • cpe:2.3:a:sun:openjdk:*:*:*:*:*:*:*:*
    Range: <=7

Patches

Vulnerability mechanics

References

41

News mentions

0

No linked articles in our index yet.