New Search

Vulnerability in Java SE: 7u151 8u144 9; Java SE Embedded: 8u144; JRockit: R28.3.15 - CVE-2016-10165

oval:org.cisecurity:def:3636

The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile which triggers an out-of-bounds heap read.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2016
  • Microsoft Windows 7
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows 8
  • Microsoft Windows Server 2008
  • Microsoft Windows Server 2012
  • Microsoft Windows 8.1
Class:
vulnerability
Reference(s):
  • CVE-2016-10165
Product(s):
  • Java Runtime Environment 1.7
  • Java Development Kit 1.9
  • Java Development Kit 1.7
  • Java Runtime Environment 1.9
  • JRockit R28
  • Java Runtime Environment 1.8
  • Java Development Kit 1.8