CVE-2016-10165
Published
CVSS v3
7.1
HIGH
CVSS v2
5.8
MEDIUM
Affected
1
PROJECT
Description
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
A free, open source, CMM engine. It provides fast transforms between ICC profiles.
GitHub