CVE-2026-34539

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-34539
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile and TIFF input can trigger a heap-buffer-overflow (HBO) in CTiffImg::WriteLine(). The issue is observable under AddressSanitizer as an out-of-bounds heap read when running iccSpecSepToTiff on a malicious .icc + .tif pair, leading to a crash during TIFF strip writing. This issue has been patched in version 2.3.1.6.

6.2 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/InternationalColorConsortium/iccDEV/issues/672 Issue Tracking Exploit
https://github.com/InternationalColorConsortium/iccDEV/pull/686 Issue Tracking Patch
https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-4f3j-q8mm-5hr6 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:color:iccdev:*:*:*:*:*:*:*:*
History

20 Apr 2026, 13:52

Type Values Removed Values Added
First Time Color
Color iccdev
CPE cpe:2.3:a:color:iccdev:*:*:*:*:*:*:*:*
References () https://github.com/InternationalColorConsortium/iccDEV/issues/672 - () https://github.com/InternationalColorConsortium/iccDEV/issues/672 - Issue Tracking, Exploit
References () https://github.com/InternationalColorConsortium/iccDEV/pull/686 - () https://github.com/InternationalColorConsortium/iccDEV/pull/686 - Issue Tracking, Patch
References () https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-4f3j-q8mm-5hr6 - () https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-4f3j-q8mm-5hr6 - Patch, Vendor Advisory
Summary
  • (es) iccDEV proporciona un conjunto de bibliotecas y herramientas para trabajar con perfiles de gestión de color ICC. Antes de la versión 2.3.1.6, un perfil ICC manipulado y una entrada TIFF pueden desencadenar un desbordamiento de búfer de pila (HBO) en CTiffImg::WriteLine(). El problema es observable bajo AddressSanitizer como una lectura de pila fuera de límites al ejecutar iccSpecSepToTiff en un par malicioso de .icc + .tif, provocando un fallo durante la escritura de tiras TIFF. Este problema ha sido parcheado en la versión 2.3.1.6.

31 Mar 2026, 22:16

Type Values Removed Values Added
New CVE
Information

Published : 2026-03-31 22:16

Updated : 2026-04-20 13:52

NVD link : CVE-2026-34539

Mitre link : CVE-2026-34539

CVE.ORG link : CVE-2026-34539

JSON object : View

Products Affected

color

  • iccdev
CWE
CWE-122

Heap-based Buffer Overflow