4 matches found
CVE-2026-34556
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow HBO in icAnsiToUtf8 in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8std::string&, char const ...
CVE-2026-34556 iccDEV: HBO in icAnsiToUtf8()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow HBO in icAnsiToUtf8 in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8std::string&, char const ...
CVE-2026-34556
CVE-2026-34556 affects the iccDEV library prior to 2.3.1.6. A heap-buffer-overflow in icAnsiToUtf8() within the XML conversion path is triggered by a crafted ICC profile, causing code that assumes null-termination to read past allocated memory (ASan reports an out-of-bounds READ of size 115 past ...
iccDEV 缓冲区错误漏洞
iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained a buffer error vulnerability, which was caused by a heap buffer overflow in the icAnsiToUtf8 function during XML conversion...