


Perceptive Security
SOC/SIEM Consultancy

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow in icFixXml() (s…
Published:
9 March 2026 at 23:00:00
Alert date:
10 March 2026 at 19:06:17
Source:
nvd.nist.gov
Supply Chain & Dependencies
iccDEV, a library and toolset for ICC color management profiles, contains a stack buffer overflow vulnerability in the icFixXml() function. The vulnerability stems from unsafe use of strcpy(), which can cause stack memory corruption or application crashes. The issue affects versions prior to 2.3.1.5 and has been patched in version 2.3.1.5. This buffer overflow could potentially be exploited by attackers to achieve code execution or cause denial of service conditions.
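The bug class described above, shown as an added example that is not iccDEV's code or its patch: a bounded alternative to strcpy()-style writes into a fixed-size buffer. It assumes, for illustration only, a routine that expands XML special characters into entities (the page does not show what icFixXml() does internally); the names entity_for and xml_escape_bounded are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical helper, not iccDEV code: entity for an XML special character. */
static const char *entity_for(char c)
{
    switch (c) {
    case '&':  return "&amp;";
    case '<':  return "&lt;";
    case '>':  return "&gt;";
    case '"':  return "&quot;";
    case '\'': return "&apos;";
    default:   return NULL;
    }
}

/* Returns the escaped length, or -1 if dst is too small. dst stays NUL-terminated. */
long xml_escape_bounded(char *dst, size_t dst_size, const char *src)
{
    size_t used = 0;

    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    for (; *src != '\0'; src++) {
        const char *ent = entity_for(*src);
        size_t need = ent ? strlen(ent) : 1;

        /* Check before writing; one byte stays reserved for the NUL. */
        if (need > dst_size - 1 - used) {
            dst[used] = '\0';
            return -1;   /* caller must treat this as an error, not truncate silently */
        }
        if (ent)
            memcpy(dst + used, ent, need);
        else
            dst[used] = *src;
        used += need;
    }
    dst[used] = '\0';
    return (long)used;
}

int main(void)
{
    char buf[16];   /* constructed sample: small fixed-size stack buffer */
    long ok = xml_escape_bounded(buf, sizeof buf, "a<b");        /* 6 bytes, fits */
    long bad = xml_escape_bounded(buf, sizeof buf, "''''''''");  /* needs 48, rejected */
    return (ok == 6 && bad == -1) ? 0 : 1;
}
```

The point for code review is that the destination size travels with the pointer and every write is checked against it, because escaped output can be up to six times the input length.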
Technical details
Mitigation steps:
Affected products:
iccDEV
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-30983
https://github.com/InternationalColorConsortium/iccDEV/issues/624
https://github.com/InternationalColorConsortium/iccDEV/pull/634
https://github.com/InternationalColorConsortium/iccDEV/releases/tag/v2.3.1.5
https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-h3ph-mwq5-3883
Related CVEs:
Related threat actors:
IOCs:
This article was created with the assistance of AI technology by Perceptive.
