CVE-2013-7455
Published
CVSS v3
N/A
CVSS v2
10
HIGH
Affected
1
PROJECT
Description
Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler.
A free, open source, CMM engine. It provides fast transforms between ICC profiles.
GitHub