CVE-2009-0581 (NVD)

2009-03-23

Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file.

Products Gimp, Little_cms, Firefox, Openjdk
Type Improper Release of Memory Before Removing Last Reference (CWE-401)
First patch - None (likely due to unavailable code)
Links http://scary.beasts.org/security/CESA-2009-003.html
http://secunia.com/advisories/34367
http://security.gentoo.org/glsa/glsa-200904-19.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/49328
http://www.ubuntu.com/usn/USN-744-1