4 matches found
CVE-2026-34534
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow HBO in CIccMpeSpectralMatrix::Describe. The issue is observable under AddressSanitizer as an out-of-bounds heap read when...
CVE-2026-34534
iccDEV’s CVE-2026-34534 describes a heap-buffer-overflow in CIccMpeSpectralMatrix::Describe() triggered by processing a crafted ICC profile. Before version 2.3.1.6, this can cause an out-of-bounds heap read observable under AddressSanitizer when running iccDumpProfile on a malicious profile. The ...
CVE-2026-34534
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow HBO in CIccMpeSpectralMatrix::Describe. The issue is observable under AddressSanitizer as an out-of-bounds heap read when...
EUVD-2026-17695
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow HBO in CIccMpeSpectralMatrix::Describe. The issue is observable under AddressSanitizer as an out-of-bounds heap read when...