iccDEV Heap-Use-After-Free Vulnerability in CIccCmm::AddXform() Leading to Invalid vptr Dereference
Vulnerability
A heap-use-after-free vulnerability has been identified in iccDEV versions prior to 2.3.1.5. The issue occurs in the CIccCmm::AddXform() function, where improper memory management leads to the use of freed heap memory. This results in a dereference of an invalid virtual table pointer (vptr), causing a crash. The vulnerability requires user interaction and can be exploited locally.
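The advisory does not show the faulty code. The following added example is not iccDEV code: every class and function name in it is hypothetical, and the unsafe shape in the comment is an assumption about how this bug class typically arises in an "add to chain" API. It shows an ownership design in which a rejected polymorphic object is never freed while the caller can still reach it.

```cpp
#include <memory>
#include <string>
#include <utility>
#include <vector>

// Hypothetical stand-ins for a transform hierarchy; not iccDEV classes.
struct Xform {
    virtual ~Xform() = default;
    virtual std::string Name() const = 0;  // dispatched through the vptr
    virtual bool Valid() const = 0;
};
struct GoodXform : Xform {
    std::string Name() const override { return "good"; }
    bool Valid() const override { return true; }
};
struct BadXform : Xform {
    std::string Name() const override { return "bad"; }
    bool Valid() const override { return false; }
};

class Cmm {
public:
    // Unsafe shape (assumed, shown only as a comment):
    //   bool AddXform(Xform* x) { if (!x->Valid()) { delete x; return false; } ... }
    // The caller still holds x after a failed add, so a later x->Name()
    // reads the vptr from freed heap memory.
    // Hardened shape: ownership moves in by value and moves back out on
    // rejection, so exactly one owner exists at every point.
    std::unique_ptr<Xform> AddXform(std::unique_ptr<Xform> x) {
        if (!x || !x->Valid())
            return x;                  // rejected: ownership returns to caller
        chain_.push_back(std::move(x));
        return nullptr;                // accepted: the chain is the sole owner
    }
    std::size_t Size() const { return chain_.size(); }
    std::string NameAt(std::size_t i) const { return chain_.at(i)->Name(); }
private:
    std::vector<std::unique_ptr<Xform>> chain_;
};

// Adds every transform and returns the names of the rejected ones. Touching
// a rejected object is safe because rejection did not free it.
std::vector<std::string> AddAll(Cmm& cmm, std::vector<std::unique_ptr<Xform>> in) {
    std::vector<std::string> rejected;
    for (auto& x : in)
        if (auto back = cmm.AddXform(std::move(x)))
            rejected.push_back(back->Name());
    return rejected;
}
```

Building code of this kind with AddressSanitizer (`-fsanitize=address`) reports a heap-use-after-free at the first access to freed memory.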
Impact
Exploitation of this vulnerability causes a crash due to a heap-use-after-free error, which can lead to undefined behavior such as memory corruption.
Reproduction
The vulnerability can be reproduced by using the 'iccApplyProfiles' tool included in the iccDEV package. First, download a crafted ICC profile that triggers the use-after-free condition, along with a TIFF file to apply the profile to. Then, run 'iccApplyProfiles' with the TIFF file, the ICC profile, and the appropriate parameters to reproduce the heap-use-after-free vulnerability.
Remediation
Users can update to iccDEV version 2.3.1.5 or later, where this vulnerability has been fixed.
