High severity7.8NVD Advisory· Published May 30, 2018· Updated Jun 17, 2026
CVE-2018-11555
CVE-2018-11555
Description
tificc in Little CMS 2.9 has an out-of-bounds write in the PrecalculatedXFORM function in cmsxform.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a vulnerability because the issue is based on an sample program using LIBTIFF and do not apply to the lcms2 library, lcms2 does not depends on LIBTIFF other than to build sample programs, and the issue cannot be reproduced on the lcms2 library.”
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =2.9
Patches
Vulnerability mechanics
References
2- github.com/mm2/Little-CMS/issues/167nvdThird Party Advisory
- github.com/xiaoqx/pocs/tree/master/cmsnvdThird Party Advisory
News mentions
0No linked articles in our index yet.