iccDEV Heap-Based Buffer Overflow Vulnerability in Color Profile Processing

Vulnerability

A heap-based buffer overflow vulnerability has been identified in the iccDEV library, specifically in versions prior to 2.3.1.2. The issue arises in the 'SIccCalcOp::Describe()' function within 'IccProfLib/IccMpeCalc.cpp'. This vulnerability affects users who process International Color Consortium (ICC) color profiles, potentially leading to memory corruption.

Impact

Exploitation of this vulnerability causes a heap-based buffer overflow, which can lead to memory corruption and possibly allow for arbitrary code execution.

Reproduction

The vulnerability can be reproduced by processing an ICC file that contains excessive 'op' data, which triggers the buffer overflow in the 'SIccCalcOp::Describe()' function. This can be done using the 'iccToXml' command-line tool included with the iccDEV library, which converts ICC profiles to XML format. AddressSanitizer can be used to detect the heap-buffer-overflow error during this process.
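When running 'iccToXml' from an AddressSanitizer build over a set of profiles, the following Python (an added example, not part of the advisory or of iccDEV) checks whether a captured report is the heap-buffer-overflow in 'SIccCalcOp::Describe()' described here. The sample report is constructed: its addresses, sizes, access type, line numbers and all frames other than the function and file named above are placeholders.

```python
import re

# Constructed ASan report for illustration: addresses, sizes, access type,
# line numbers and every frame except #0's function/file are placeholders.
SAMPLE_REPORT = """\
==4242==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000031 at pc 0x000000401234 bp 0x7ffc00000010 sp 0x7ffc00000008
READ of size 1 at 0x602000000031 thread T0
    #0 0x401233 in SIccCalcOp::Describe(placeholder_args) /src/IccProfLib/IccMpeCalc.cpp:100:5
    #1 0x401400 in placeholder_caller() /src/placeholder.cpp:20:9
    #2 0x401500 in main /src/placeholder_main.cpp:50:3

0x602000000031 is located 0 bytes after 17-byte region [0x602000000020,0x602000000031)
allocated by thread T0 here:
    #0 0x4a0000 in operator new[](unsigned long) (/usr/bin/placeholder+0x4a0000)
    #1 0x401100 in placeholder_alloc() /src/placeholder.cpp:10:3
"""

ERROR_RE = re.compile(r"^==\d+==ERROR: AddressSanitizer: (\S+)", re.M)
FRAME_RE = re.compile(r"^\s*#(\d+) 0x[0-9a-fA-F]+ in (.+) (\S+)$", re.M)
RUNTIME_PREFIXES = ("__interceptor_", "__asan_", "__sanitizer_")


def faulting_frames(report):
    """Return (error_kind, [(function, source_path), ...]) for the access stack."""
    err = ERROR_RE.search(report)
    if not err:
        return None, []
    # The access stack ends at the first blank line; later stacks
    # (allocation, free) restart at #0 and must not be mixed in.
    access_block = report[err.end():].split("\n\n", 1)[0]
    frames = [(fn, loc.split(":")[0]) for _, fn, loc in FRAME_RE.findall(access_block)]
    return err.group(1), frames


def matches_advisory(report, func="SIccCalcOp::Describe", src="IccProfLib/IccMpeCalc.cpp"):
    """True if the report is a heap-buffer-overflow whose first non-runtime
    frame is the function and file named in the advisory."""
    kind, frames = faulting_frames(report)
    if kind != "heap-buffer-overflow":
        return False
    for fn, path in frames:
        if fn.startswith(RUNTIME_PREFIXES):
            continue  # overflow surfaced inside an intercepted libc call
        return fn.startswith(func + "(") and path.endswith(src)
    return False


if __name__ == "__main__":
    print(matches_advisory(SAMPLE_REPORT))
```

Reports that match can be grouped as this known issue and retested after upgrading; other reports need separate triage.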

Remediation

Users can upgrade to iccDEV version 2.3.1.2 or later, where this vulnerability has been patched.

Added: Jan 7, 2026, 10:17 PM
Updated: Jan 7, 2026, 10:17 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 7.7
remediation: 7.7
relevance: 1.9
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.