This script is Copyright (C) 2012 Tenable Network Security, Inc.
The remote Scientific Linux host is missing one or more security
Multiple integer overflow flaws which could lead to heap-based buffer
overflows, as well as multiple insufficient input validation flaws,
were found in LittleCMS. An attacker could use these flaws to create a
specially-crafted image file which could cause an application using
LittleCMS to crash, or, possibly, execute arbitrary code when opened
by a victim. (CVE-2009-0723, CVE-2009-0733)
A memory leak flaw was found in LittleCMS. An application using
LittleCMS could use excessive amount of memory, and possibly crash
after using all available memory, if used to open specially-crafted
All running applications using the lcms library must be restarted for
the update to take effect.
See also :
Update the affected lcms, lcms-devel and / or python-lcms packages.
Risk factor :
High / CVSS Base Score : 9.3