iccDEV Heap-Buffer Overflow Vulnerability in CIccXmlArrayType::ParseText()

Vulnerability

A heap-buffer overflow vulnerability has been identified in the iccDEV library, in the function CIccXmlArrayType::ParseText(). It affects versions prior to 2.3.1.2 and arises when the library processes International Color Consortium (ICC) color profiles. Manipulated text input to the parsing function triggers the buffer overflow, which could be exploited to execute arbitrary code or cause a crash.

Impact

Exploitation of this vulnerability leads to a heap-buffer overflow, which commonly results in memory corruption, potential execution of arbitrary code, or an application crash.

Reproduction

The vulnerability can be reproduced by using the 'iccFromXml' command-line tool included in the iccDEV package. This tool can be used to process an XML file containing ICC color profile data that triggers the heap-buffer overflow. The 'fil-c' toolchain, a memory-safe implementation of C and C++, can be used to compile and run the 'iccFromXml' tool with AddressSanitizer enabled, which will detect the heap-buffer overflow error.

Remediation

Users can upgrade to iccDEV version 2.3.1.2 or later, where this vulnerability has been patched.

Added: Jan 7, 2026, 9:23 PM
Updated: Jan 7, 2026, 9:23 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 7.7
remediation: 7.7
relevance: 1.9
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.