iccDEV Heap-Buffer-Overflow Vulnerability in IccMemDump Function
Vulnerability
A heap-buffer-overflow vulnerability has been identified in iccDEV versions prior to 2.3.1.6. This issue arises when a crafted ICC profile is processed by the 'iccDumpProfile' tool, specifically in the 'icMemDump()' function. The vulnerability occurs as the function attempts to dump and describe malformed tag contents, leading to an out-of-bounds heap read. This vulnerability is related to improper handling of tag data sizes, allowing for memory access violations that could potentially be exploited.
Impact
Exploitation of this vulnerability causes a heap-buffer-overflow, which can lead to memory corruption and potentially allow for arbitrary code execution.
Reproduction
The vulnerability can be reproduced by using a crafted ICC profile that triggers the heap-buffer-overflow when processed with the 'iccDumpProfile' tool. This can be done by loading the profile with the tool, which will then attempt to dump the malformed tag contents, exposing the vulnerability under AddressSanitizer.
Remediation
Users can update to iccDEV version 2.3.1.6 or later, where this vulnerability has been fixed.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.