iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow in CIccTagNum<>:…

iccDEV, a library and toolset for working with ICC color management profiles, contains a stack buffer overflow vulnerability in the CIccTagNum<>::GetValues() function. The vulnerability affects versions prior to 2.3.1.5 and can cause stack memory corruption or application crashes. The issue has been resolved in version 2.3.1.5. This vulnerability could potentially be exploited to cause denial of service or potentially execute arbitrary code through stack corruption.