CVE-2012-1616

Use-after-free vulnerability in icclib before 2.13, as used by Argyll CMS before 1.4 and possibly other programs, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted ICC profile file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
argyllcmsargyllcms
𝑥
≤ 1.3.7
argyllcmsargyllcms
0.1.0
argyllcmsargyllcms
0.2.0
argyllcmsargyllcms
0.2.1
argyllcmsargyllcms
0.2.2
argyllcmsargyllcms
0.3.0
argyllcmsargyllcms
0.6.0
argyllcmsargyllcms
0.7.0:beta_8
argyllcmsargyllcms
1.0.0
argyllcmsargyllcms
1.0.2
argyllcmsargyllcms
1.0.3
argyllcmsargyllcms
1.0.4
argyllcmsargyllcms
1.1.0
argyllcmsargyllcms
1.1.1
argyllcmsargyllcms
1.2.0
argyllcmsargyllcms
1.3.0
argyllcmsargyllcms
1.3.1
argyllcmsargyllcms
1.3.2
argyllcmsargyllcms
1.3.3
argyllcmsargyllcms
1.3.4
argyllcmsargyllcms
1.3.5
argyllcmsargyllcms
1.3.6
coloricclib
𝑥
≤ 2.11
coloricclib
1.23
coloricclib
2.00
coloricclib
2.02
coloricclib
2.03
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
argyll
bullseye
2.0.1+repack-1.1
fixed
squeeze
no-dsa
bookworm
2.3.1+repack-1.1
fixed
sid
3.1.0+repack-1.1
fixed
trixie
3.1.0+repack-1.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
argyll
cosmic
not-affected
bionic
not-affected
artful
ignored
zesty
ignored
yakkety
ignored
xenial
not-affected
wily
ignored
vivid
ignored
utopic
ignored
trusty
dne
saucy
ignored
raring
ignored
quantal
ignored
precise
ignored
oneiric
ignored
natty
ignored
lucid
ignored
hardy
dne
libicc
cosmic
dne
bionic
dne
artful
dne
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
dne
trusty
dne
saucy
dne
raring
dne
quantal
ignored
precise
ignored
oneiric
ignored
natty
ignored
lucid
ignored
hardy
dne
Common Weakness Enumeration
References
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079762.html
http://secunia.com/advisories/48921
http://secunia.com/advisories/49602
http://security.gentoo.org/glsa/glsa-201206-04.xml
http://www.argyllcms.com/icc_readme.html
http://www.osvdb.org/81617
http://www.securityfocus.com/bid/53240
https://bugzilla.redhat.com/show_bug.cgi?id=809697
https://exchange.xforce.ibmcloud.com/vulnerabilities/75162
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079762.html
http://secunia.com/advisories/48921
http://secunia.com/advisories/49602
http://security.gentoo.org/glsa/glsa-201206-04.xml
http://www.argyllcms.com/icc_readme.html
http://www.osvdb.org/81617
http://www.securityfocus.com/bid/53240
https://bugzilla.redhat.com/show_bug.cgi?id=809697
https://exchange.xforce.ibmcloud.com/vulnerabilities/75162