CVE-2026-34542 in iccDEVinformação

Sumário (Inglês)

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow (SBO) in CIccCalculatorFunc::Apply() when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as a 4-byte write stack-buffer-overflow in IccProfLib/IccMpeCalc.cpp:3873, reachable through the MPE calculator / curve set initialization path. This issue has been patched in version 2.3.1.6.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsável

GitHub_M

Reservar

30/03/2026

Divulgação

01/04/2026

Estado

Confirmado

Inscrições

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilidadeCWEExpConCVE
354579InternationalColorConsortium iccDEV ICC Color Profile IccMpeCalc.cpp Apply Excesso de tampão121Não definidoCorreção oficialCVE-2026-34542

Descrição

CPE

CWE

CVSS

Explorações

História

Diferença

Relacionar

Inteligência de ameaças

API JSON

API XML

API CSV

Fontes

VoltarVisão GeralPróximo

Do you need the next level of professionalism?

Upgrade your account now!