cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect code for "transformations of monochrome profiles."
Max CVSS
4.3
EPSS Score
5.27%
Published
2009-04-09
Updated
2023-02-13
1 vulnerabilities found