iccDEV Heap-Based Buffer Overflow Vulnerability Allowing Use-After-Free and Out-of-Bounds Write
Vulnerability
A vulnerability in iccDEV versions prior to 2.3.1.1 allows for a heap-based buffer overflow, use-after-free, and integer overflow or wraparound vulnerabilities, leading to out-of-bounds write issues. These vulnerabilities arise in the CIccSparseMatrix::CIccSparseMatrix function, where improper handling of matrix sizes can be exploited.
Impact
Exploitation of this vulnerability can lead to a heap-based buffer overflow, causing memory corruption that could be exploited to execute arbitrary code.
Reproduction
The vulnerability can be reproduced by processing a specially crafted ICC color profile that exploits the integer overflow in the CIccSparseMatrix constructor. This can be done by creating a profile that includes a sparse matrix with sizes that, when calculated, exceed the maximum allowed value, causing an overflow and subsequent out-of-bounds write.
Remediation
Users can upgrade to iccDEV version 2.3.1.2 to address this vulnerability.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.