PT-2021-14797 · Accusoft · Accusoft Imagegear
Emmanuel Tacheau · Published 2021-07-08 · Updated 2022-08-24 · CVE-2021-21821
| CVSS v3.1 | 9.8 (Critical) |
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Accusoft ImageGear version 19.9
Description
A stack-based buffer overflow exists in the PDF process fontname functionality. A specially crafted malformed file can trigger it, potentially leading to code execution. An attacker can exploit this by providing a malicious file.
Recommendations
For Accusoft ImageGear version 19.9, consider avoiding the use of the PDF process fontname functionality until a patch is available. As a temporary workaround, restrict the handling of untrusted or malicious files to minimize the risk of exploitation.
Exploit
Fix
Memory Corruption
Stack Overflow
Related Identifiers
Affected Products
Accusoft Imagegear