CVE-2016-10165

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-10165

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10165.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2016-10165

Downstream

ALPINE-CVE-2016-10165

DEBIAN-CVE-2016-10165

DLA-803-1

DSA-3774-1

RHSA-2016:2079

RHSA-2016:2658

RHSA-2017:2999

RHSA-2017:3046

RHSA-2017:3264

RHSA-2017:3267

RHSA-2017:3268

RHSA-2017:3453

SUSE-SU-2017:2989-1

SUSE-SU-2017:3411-1

SUSE-SU-2017:3440-1

SUSE-SU-2017:3455-1

SUSE-SU-2018:0005-1

SUSE-SU-2018:0061-1

SUSE-SU-2018:3545-1

UBUNTU-CVE-2016-10165

USN-3770-1

openSUSE-SU-2024:10876-1

Related

Published

2017-02-03T19:59:00Z

Modified

2025-08-09T20:01:27Z

Severity

7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVSS Calculator

Summary

[none]

Details

The TypeMLURead function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.

References

Affected packages