lcms2: Out-of-bounds read in Type_MLU_Read() (CVE-2016-10165)
An out-of-bounds read in cmstypes.c in Type_MLU_Read function was found, leading to heap memory leak triggered by crafted ICC profile.
Patch:
https://github.com/mm2/Little-CMS/commit/5ca71a7bc18b6897ab21d815d15e218e204581e2
Reference:
http://seclists.org/oss-sec/2016/q3/288
(from redmine: issue id 6776, created on 2017-01-31, closed on 2017-02-02)
- Relations:
- child #6777 (closed)
- child #6778 (closed)
- child #6779 (closed)
- child #6780 (closed)
- child #6781 (closed)