Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2009-0581 | Mondoo Vulnerability Intelligence

Vulnerability IntelligenceCVE-2009-0581

CVE-2009-0581

UNKNOWN

Memory leak in LittleCMS (aka lcms or liblcms) before 1

Published Mar 23, 2009

Modified 1 years ago

Details

Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file.

References(42)

ADVISORYhttp://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html WEBhttp://scary.beasts.org/security/CESA-2009-003.html WEBhttp://scarybeastsecurity.blogspot.com/2009/03/littlecms-vulnerabilities.html ADVISORYhttp://secunia.com/advisories/34367 ADVISORYhttp://secunia.com/advisories/34382 ADVISORYhttp://secunia.com/advisories/34400 ADVISORYhttp://secunia.com/advisories/34408 ADVISORYhttp://secunia.com/advisories/34418 ADVISORYhttp://secunia.com/advisories/34442 ADVISORYhttp://secunia.com/advisories/34450 ADVISORYhttp://secunia.com/advisories/34454 ADVISORYhttp://secunia.com/advisories/34463 ADVISORYhttp://secunia.com/advisories/34632 ADVISORYhttp://secunia.com/advisories/34675 ADVISORYhttp://secunia.com/advisories/34782 ADVISORYhttp://security.gentoo.org/glsa/glsa-200904-19.xml ADVISORYhttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.487438 ADVISORYhttp://www.debian.org/security/2009/dsa-1745 ADVISORYhttp://www.debian.org/security/2009/dsa-1769 ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:121 ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:137 ADVISORYhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:162 WEBhttp://www.ocert.org/advisories/ocert-2009-003.html ADVISORYhttp://www.redhat.com/support/errata/RHSA-2009-0339.html WEBhttp://www.securityfocus.com/archive/1/502018/100/0/threaded

CVSS Analysis

CVSS v2.0

4.3

Exploitability

Access Vector

NetworkAV:N

Access Complexity

MediumAC:M

Authentication

NoneAu:N

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

PartialA:P

4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P

Ecosystems

Timeline

PublishedMar 23, 2009

ModifiedAug 7, 2024