CESA-2007-001 - rev 1

[See all my vulnerabilities at http://scary.beasts.org/security]

lcms ICC parser flaws

Demo JPG: http://scary.beasts.org/misc/badicc4.jpg . Run with "jpegicc badicc4.jpg out.jpg". Seems to be a classic stack-based buffer overflow.

CESA-2007-001 - rev 1
Chris Evans
scarybeasts@gmail.com