Lucene search
HistoryOct 23, 2023 - 8:15 p.m.
CVE-2023-46602
international color consortium
demoiccmax 79ecb74
stack-based
iccfixxml
iccxml
icclibxml
iccutilxml.cpp
libiccxml.a
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
41.5%
In International Color Consortium DemoIccMAX 79ecb74, there is a stack-based buffer overflow in the icFixXml function in IccXML/IccLibXML/IccUtilXml.cpp in libIccXML.a.
Affected configurations
Node
colordemoiccmaxMatch2022-06-21
| Vendor | Product | Version | CPE |
|---|---|---|---|
| color | demoiccmax | 2022-06-21 | cpe:2.3:a:color:demoiccmax:2022-06-21:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-46602
2023-10-23 00:00:00
vulnrichment
vulnrichment
CVE-2023-46602
2023-10-23 00:00:00
prion
prion
Stack overflow
2023-10-23 20:15:00
cve
cve
CVE-2023-46602
2023-10-23 20:15:09
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
41.5%
Related for NVD:CVE-2023-46602