VYPR
Critical severity9.8NVD Advisory· Published May 7, 2016· Updated Jun 17, 2026

CVE-2013-7455

CVE-2013-7455

Description

Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • cpe:2.3:a:littlecms:little_cms_color_engine:2.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:littlecms:little_cms_color_engine:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:little_cms_color_engine:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:little_cms_color_engine:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:little_cms_color_engine:2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:little_cms_color_engine:2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:littlecms:little_cms_color_engine:2.5:*:*:*:*:*:*:*
  • Range: <2.6

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.