iccDEV Undefined Behavior Vulnerability in CIccTagCurve Constructor Allowing Out-of-Bounds Read

Vulnerability

A vulnerability causing undefined behavior has been identified in the iccDEV library, specifically in versions prior to 2.3.1.2. The issue arises in the 'CIccTagCurve::CIccTagCurve()' constructor, where improper handling of data can lead to out-of-bounds read errors. This vulnerability affects users processing ICC color profiles with the iccDEV library.

Impact

Exploitation of this vulnerability leads to undefined behavior. Reported cases show out-of-bounds reads, which could be used to read sensitive memory contents or crash the program.

Reproduction

The vulnerability can be reproduced by applying certain ICC profiles that trigger the faulty curve handling in the 'CIccTagCurve' class. This can be done using the 'iccApplyNamedCmm' tool included in the iccDEV package, with profiles that contain problematic curve data.

Remediation

Users can upgrade to iccDEV version 2.3.1.2 or later, where this vulnerability has been patched.

Added: Jan 7, 2026, 10:25 PM
Updated: Jan 7, 2026, 10:25 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 7.7
remediation: 7.7
relevance: 1.9
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.