SB2026012647 - Multiple vulnerabilities in iccDEV
Published: January 26, 2026 Updated: January 28, 2026
Description
This security bulletin contains information about 22 security vulnerabilities.
1) Heap-based buffer overflow (CVE-ID: CVE-2026-24412)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in icCurvesFromXml() function. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
2) Reliance on undefined behavior (CVE-ID: CVE-2026-24403)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to undefined behavior in the CIccProfile::CheckHeader() function (return type icValidateStatus). A remote attacker can perform a denial of service (DoS) attack.
3) NULL pointer dereference (CVE-ID: CVE-2026-24404)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in CIccXmlArrayType() function. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
4) Heap-based buffer overflow (CVE-ID: CVE-2026-24405)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in CIccMpeCalculator::Read() function. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
5) Heap-based buffer overflow (CVE-ID: CVE-2026-24406)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in CIccTagNamedColor2::SetSize() function. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
6) Reliance on undefined behavior (CVE-ID: CVE-2026-24407)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to undefined behavior in icSigCalcOp() function. A remote attacker can perform a denial of service (DoS) attack.
7) NULL pointer dereference (CVE-ID: CVE-2026-24409)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in CIccTagXmlFloatNum<>::ParseXml() function. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
8) NULL pointer dereference (CVE-ID: CVE-2026-24410)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in CIccProfileXml::ParseBasic() function. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
9) Input validation error (CVE-ID: CVE-2026-24411)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in CIccTagXmlSegmentedCurve::ToXml() function. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
10) Heap-based buffer overflow (CVE-ID: CVE-2026-22861)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the "SIccCalcOp::Describe()" function in IccProfLib/IccMpeCalc.cpp. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
11) Type Confusion (CVE-ID: CVE-2026-21693)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error in the "CIccSegmentedCurveXml::ToXml()" function in IccXML/IccLibXML/IccMpeXml.cpp. A remote attacker can pass specially crafted data to the application, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
12) Type Confusion (CVE-ID: CVE-2026-21692)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error in the "ToXmlCurve()" function in IccXML/IccLibXML/IccMpeXml.cpp. A remote attacker can pass specially crafted data to the application, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
13) Type Confusion (CVE-ID: CVE-2026-21691)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error in the CIccTag::IsTypeCompressed() function. A remote attacker can pass specially crafted data to the application, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
14) Type Confusion (CVE-ID: N/A)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error in the "ToXmlCurve()" function in IccXML/IccLibXML/IccMpeXml.cpp. A remote attacker can pass specially crafted data to the application, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
15) Type Confusion (CVE-ID: CVE-2026-21690)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error in the CIccTagXmlTagData::ToXml() function. A remote attacker can pass specially crafted data to the application, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
16) Type Confusion (CVE-ID: CVE-2026-21688)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error in the "SIccCalcOp::ArgsPushed()" function in IccProfLib/IccMpeCalc.cpp. A remote attacker can pass specially crafted data to the application, trigger a type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
17) Heap-based buffer overflow (CVE-ID: CVE-2026-22255)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the "CIccCLUT::Init()" function in IccProfLib/IccTagLut.cpp. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
18) Type Confusion (CVE-ID: CVE-2026-21689)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a type confusion error in the "CIccProfileXml::ParseBasic()" function in IccXML/IccLibXML/IccProfileXml.cpp. A remote attacker can pass specially crafted data to the application, trigger a type confusion error and cause a denial of service condition on the target system.
19) Heap-based buffer overflow (CVE-ID: CVE-2026-22046)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the "CIccProfileXml::ParseBasic()" function in IccXML/IccLibXML/IccProfileXml.cpp. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
20) Heap-based buffer overflow (CVE-ID: CVE-2026-22047)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the "SIccCalcOp::Describe()" function in IccProfLib/IccMpeCalc.cpp. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
21) Reliance on undefined behavior (CVE-ID: N/A)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to undefined behavior in icTagTypeSignature. A remote attacker can execute arbitrary code on the target system.
22) Heap-based buffer overflow (CVE-ID: CVE-2026-24852)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the icXmlParseTextString() function. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and cause a denial of service condition on the target system.
Remediation
Install the update from the vendor's website.
References
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-6rf4-63j2-cfrf
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-ph33-qp8j-5q34
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-hqfg-45jp-hp9f
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-2r5c-5w66-47vv
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-h9h3-45cm-j95f
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-m6gx-93cp-4855
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-398v-jvcg-p8f3
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-398q-4rpv-3v9r
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-x53f-7h27-9fc8
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-vr49-3vf8-7j5h
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-v3q7-7hw6-6jq8
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-7662-mf46-wr88
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-c9q5-x498-jv92
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-2pjj-3c98-qp37
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-2f26-vh48-38g6
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-3r2x-j7v3-pg6f
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-qv2w-mq3g-73gv
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-5rqc-w93q-589m
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-7v4q-mhr2-hj7r
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-22q7-8347-79m5
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-w585-cv3v-c396
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-q8g2-mp32-3j7f