Double Free Vulnerability in DefaultICCintents Function in liblcms2

Double Free Vulnerability in DefaultICCintents Function in liblcms2

CVE-2013-7455 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler.

Learn more about our Cms Pen Testing.