CVE-2005-1219

EXPLOITED

Microsoft Color Management Module - RCE

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2005-1219 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from researchers including darkeagle, snooq.

AI-analyzed exploit summary This exploit targets a stack overflow vulnerability in Microsoft's ICC profile parsing (CVE-2005-1219) via a malformed JPEG file. It uses a crafted ICC profile to trigger a buffer overflow, allowing arbitrary code execution.

Description

Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.

Exploits (2)

exploitdb WORKING POC VERIFIED
by darkeagle · cremotewindows
https://www.exploit-db.com/exploits/1506

This exploit targets a stack overflow vulnerability in Microsoft's ICC profile parsing (CVE-2005-1219) via a malformed JPEG file. It uses a crafted ICC profile to trigger a buffer overflow, allowing arbitrary code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Windows (XP SP1 tested)
No auth needed
Prerequisites: Victim must open the malicious JPEG file
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by snooq · cdoswindows
https://www.exploit-db.com/exploits/1116

This exploit targets a stack-based buffer overflow in the `GetColorProfileElement` function of the Microsoft Color Management Module (ICM32.dll) via a malformed ICC profile in a JPEG file. It manipulates the `redMatrixColumnTag` size field to overwrite stack content, including the saved EIP, to achieve arbitrary code execution.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Racy
Target: Microsoft Color Management Module (ICM32.dll) in Windows
No auth needed
Prerequisites: Victim must open the malformed JPEG file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10
Core References
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA05-193A.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A769
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/720742
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1280
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A440
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/16004/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/14214
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1125
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A330

Scores

EPSS 0.8108
EPSS Percentile 99.2%

Details

VulnCheck KEV 2005-07-12
Status published
Products (1)
microsoft/image_color_management
Published Jul 12, 2005
Tracked Since Feb 18, 2026