VYPR
Unrated severityNVD Advisory· Published Mar 23, 2009· Updated Jun 16, 2026

CVE-2009-0733

CVE-2009-0733

Description

Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*
    Range: <2.9.2
  • cpe:2.3:a:littlecms:little_cms:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:littlecms:little_cms:*:*:*:*:*:*:*:*range: <=1.17
    • (no CPE)range: <1.18beta2
  • cpe:2.3:a:mozilla:firefox:3.1:beta1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mozilla:firefox:3.1:beta1:*:*:*:*:*:*
    • (no CPE)range: 3.1beta
  • cpe:2.3:a:sun:openjdk:*:*:*:*:*:*:*:*
    Range: <=7

Patches

Vulnerability mechanics

References

41

News mentions

0

No linked articles in our index yet.

CVE-2009-0733 · VYPR