LittleCMS, an open source color management engine, suffers from several integer errors, resulting in stack based buffer overflows and various heap errors as well as dangerous memory leaks. Decoding a specially crafted image file will result in unexpected process termination, Denial Of Service conditions or arbitrary code execution due to stack overflow. Versions 1.17 and below are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/75980/oCERT-2009-003.txt
Source: https://packetstormsecurity.com/files/75980/Open-Source-CERT-Security-Advisory-2009.3.html