VYPR
Get started
← All advisories
High severity7.1NVD Advisory· Published Feb 3, 2017· Updated May 13, 2026

CVE-2016-10165

CVE-2016-10165

Description

The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.

Affected products

58
  • Littlecms/Little CMS Color Engine
    cpe:2.3:a:littlecms:little_cms_color_engine:*:*:*:*:*:*:*:*
    Range: <2.11
  • NetApp/Active Iq Unified Manager2 versions
    cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*+ 1 more
    • cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*range: >=9.5
    • cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*range: >=7.3
  • NetApp/E Series Santricity Management3 versions
    cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vmware_sra:*:*+ 2 more
    • cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vmware_sra:*:*
    • cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vmware_vasa:*:*
    • cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:vmware_vcenter:*:*
  • NetApp/E Series Santricity Os Controller18 versions
    cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*+ 17 more
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.20:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.25:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.30.5r3:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.3r2:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.40.5:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.1:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:-:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.50.2:p1:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.0:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.1:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.60.3:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.1:*:*:*:*:*:*:*
    • cpe:2.3:a:netapp:e-series_santricity_os_controller:11.70.2:*:*:*:*:*:*:*
  • NetApp/Oncommand Balance
    cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
  • NetApp/Oncommand Insight
    cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
  • NetApp/Oncommand Performance Manager
    cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*
  • NetApp/Oncommand Shift
    cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
  • NetApp/Oncommand Unified Manager2 versions
    cpe:2.3:a:netapp:oncommand_unified_manager:7.1:*:*:*:*:vmware_vsphere:*:*+ 1 more
    • cpe:2.3:a:netapp:oncommand_unified_manager:7.1:*:*:*:*:vmware_vsphere:*:*
    • cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*
  • Red Hat/Satellite
    cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*
  • Canonical/Ubuntu Linux4 versions
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*+ 3 more
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*
  • Debian/Debian Linux
    cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • OpenSUSE/Leap
    cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Desktop3 versions
    cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Server3 versions
    cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Server Aus4 versions
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Server Eus5 versions
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Server Tus3 versions
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Workstation3 versions
    cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

19

News mentions

0

No linked articles in our index yet.