PT-2026-24351 · Iccdev · Iccdev

Xsscx

·

Publicado

2026-03-10

·

Atualizado

2026-03-15

·

CVE-2026-30982

CVSS v3.1

6.1

Média

VetorAV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.5
Description iccDEV is a set of libraries and tools for working with ICC color management profiles. A heap out-of-bounds read exists in the CIccPcsXform::pushXYZConvert() function, leading to a crash and potential memory leakage.
Recommendations Update to version 2.3.1.5 or later.

Exploit

Correção

Improper Validation of Array Index

Out of bounds Read

Heap Based Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-129CWE-125CWE-122

Identificadores relacionados

CVE-2026-30982
GHSA-7WW3-H4W6-X5HF

Produtos afetados

Iccdev