iccDEV Undefined Behavior Vulnerability in CIccTagLutAtoB::Validate()
Vulnerability
A vulnerability causing undefined behavior has been identified in the iccDEV library, specifically in the CIccTagLutAtoB::Validate() function. This issue, which leads to a heap-buffer-overflow, affects versions of iccDEV prior to 2.3.1.2. The vulnerability arises when the function processes ICC color profiles, as it incorrectly handles channel counts, allowing for potential memory corruption.
Impact
Exploitation of this vulnerability leads to a heap-buffer-overflow, a type of memory corruption that can often be exploited to execute arbitrary code or cause a program to crash.
Reproduction
The vulnerability can be reproduced by loading a specially crafted ICC profile that triggers the channel count mismatch in the CIccTagLutAtoB::Validate() function. This can be done using the 'iccDumpProfile' tool included with iccDEV, after building the application with AddressSanitizer enabled.
Remediation
Users can upgrade to iccDEV version 2.3.1.2 or later, where this vulnerability has been patched.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.