iccDEV Type Confusion Vulnerability in CIccTag:IsTypeCompressed()

Vulnerability

A type confusion vulnerability has been identified in the iccDEV library, specifically in the 'CIccTag:IsTypeCompressed()' function. This issue affects versions prior to 2.3.1.2 and can impact users processing ICC color profiles. The vulnerability arises because the library reads and writes a 32-bit value for an enumeration that should only have a 16-bit range, leading to undefined behavior.
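The bug class described above, shown as a defensive parsing pattern. This is an added example, not code from iccDEV or from the 2.3.1.2 patch. The `Kind` enumeration, `read_be32`, `parse_kind` and the sample byte arrays are all hypothetical names and constructed data.

```cpp
// Added illustration; every name below is hypothetical, none is iccDEV code.
#include <cstddef>
#include <cstdint>

// Hypothetical enumeration whose valid values all fit in 16 bits.
enum class Kind : std::uint16_t { None = 0x0000, Curve = 0x0001, Matrix = 0x0002 };

// ICC profile fields are stored big-endian; assemble the 32-bit field
// into a plain integer instead of copying 4 bytes over a 2-byte enum object.
static std::uint32_t read_be32(const unsigned char* p) {
    return (std::uint32_t(p[0]) << 24) | (std::uint32_t(p[1]) << 16) |
           (std::uint32_t(p[2]) << 8)  |  std::uint32_t(p[3]);
}

// Returns true and sets `out` only when the 32-bit field holds a value the
// enumeration actually defines. Anything else (including values above
// 0xFFFF, which a cast to Kind would silently truncate) is rejected.
bool parse_kind(const unsigned char* buf, std::size_t len, Kind& out) {
    if (buf == nullptr || len < 4) return false;      // short or missing field
    const std::uint32_t raw = read_be32(buf);
    if (raw > 0xFFFFu) return false;                  // outside the 16-bit range
    switch (static_cast<std::uint16_t>(raw)) {
        case 0x0000: out = Kind::None;   return true;
        case 0x0001: out = Kind::Curve;  return true;
        case 0x0002: out = Kind::Matrix; return true;
        default:     return false;                    // in range but undefined
    }
}

// Constructed sample fields (not taken from any real profile).
static const unsigned char kValid[4]     = {0x00, 0x00, 0x00, 0x02};
static const unsigned char kTooWide[4]   = {0x00, 0x01, 0x00, 0x02}; // 0x00010002
static const unsigned char kUndefined[4] = {0x00, 0x00, 0x12, 0x34};

int main() {
    Kind k = Kind::None;
    bool ok = parse_kind(kValid, sizeof kValid, k) && k == Kind::Matrix
           && !parse_kind(kTooWide, sizeof kTooWide, k)
           && !parse_kind(kUndefined, sizeof kUndefined, k)
           && !parse_kind(kValid, 3, k);
    return ok ? 0 : 1;
}
```

The `kTooWide` case is the one to note: without the range check, 0x00010002 would truncate to 0x0002 and be accepted as a valid member.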

Impact

Exploitation of this vulnerability causes type confusion, where a value is interpreted incorrectly, potentially leading to undefined behavior in the application.

Reproduction

The vulnerability can be reproduced by first downloading an ICC file crafted to trigger the type confusion, then using the 'iccToXml' tool included with iccDEV to process the file. The expected output indicates that the XML was successfully created, even though processing the file involved the incorrect interpretation of the data, which demonstrates the type confusion.

Remediation

Users can upgrade to iccDEV version 2.3.1.2, which includes a patch for this vulnerability.

Added: Jan 7, 2026, 10:22 PM
Updated: Jan 7, 2026, 10:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 7.7
remediation: 7.7
relevance: 1.9
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.