iccDEV Type Confusion Vulnerability in CIccTagXmlTagData::ToXml()
Vulnerability
A type confusion vulnerability has been identified in the iccDEV library, specifically in the CIccTagXmlTagData::ToXml() function. This issue affects versions prior to 2.3.1.2 and can lead to undefined behavior when processing International Color Consortium (ICC) color profiles. The vulnerability arises from improper handling of the 'icDataBlockType' enum: the data block type stored in the profile is loaded into the enum without being checked against its valid enumerators, so an invalid value can be loaded and potentially exploited.
Impact
Exploitation of this vulnerability causes type confusion, leading to undefined behavior in the application. Such undefined behavior can often be manipulated to cause more severe issues, such as memory corruption or arbitrary code execution.
Reproduction
The vulnerability can be reproduced by downloading an ICC file that triggers the type confusion, such as one whose data block type field holds a value that is not a valid 'icDataBlockType' enumerator. After obtaining the file, it can be processed with the 'iccToXml' command, which converts the ICC data into XML format. The type confusion is triggered during this conversion, resulting in a runtime error indicating a load of an invalid value for the 'icDataBlockType' enum.
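As an added illustration, not code from iccDEV, the following C++ contrasts loading an untrusted 32-bit block type field straight into an enum with validating the raw value against the known enumerators first. The enum, its enumerator values and the tag layout are simplified stand-ins, not the library's real definitions.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>

// Stand-in for icDataBlockType (assumed values; the real enumerator list
// is not reproduced here). No fixed underlying type, so a value outside
// the enumerator range is undefined behaviour when loaded.
enum DataBlockType { kAsciiData = 0, kBinaryData = 1 };

// Unsafe pattern: an attacker-controlled 32-bit field is cast directly
// into the enum. Nothing stops a value such as 0xFFFFFFFF from being
// loaded, which is exactly what a sanitizer flags as an invalid enum load.
DataBlockType unsafeLoadBlockType(uint32_t raw) {
    return static_cast<DataBlockType>(raw);
}

// Hardened pattern: accept only raw values that name an enumerator and
// report everything else as a parse error instead of producing an enum
// object with no valid value.
bool checkedLoadBlockType(uint32_t raw, DataBlockType& out) {
    switch (raw) {
        case kAsciiData:  out = kAsciiData;  return true;
        case kBinaryData: out = kBinaryData; return true;
        default:          return false;      // invalid block type, reject
    }
}

// ICC stores integers big-endian; read the 4-byte block type field.
uint32_t readBE32(const uint8_t* p) {
    return (uint32_t(p[0]) << 24) | (uint32_t(p[1]) << 16) |
           (uint32_t(p[2]) << 8)  |  uint32_t(p[3]);
}

// Emit a minimal XML fragment for a data tag body (assumed layout: 4-byte
// block type followed by the data bytes). Returns false rather than
// converting a tag whose block type is not a valid enumerator.
bool tagDataToXml(const uint8_t* tag, size_t len, std::string& xml) {
    if (len < 4) return false;                       // truncated header
    DataBlockType type;
    if (!checkedLoadBlockType(readBE32(tag), type)) return false;
    xml = (type == kAsciiData) ? "<DataBlock type=\"ascii\"/>"
                               : "<DataBlock type=\"binary\"/>";
    return true;
}
```

Building with a sanitizer that checks enum loads reports the unsafe path on a malformed input, whereas the checked path returns an error before any enum value is formed.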
Remediation
Users can upgrade to iccDEV version 2.3.1.2 or later, where this vulnerability has been patched.