PT-2021-14800 · Accusoft · Accusoft Imagegear
Emmanuel Tacheau
·
Published
2021-06-11
·
Updated
2022-08-24
·
CVE-2021-21824
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Accusoft ImageGear version 19.9
Description
An out-of-bounds write issue exists in the JPG Handle JPEG420 functionality. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this issue.
Recommendations
For Accusoft ImageGear version 19.9, avoid processing untrusted or malicious JPG files until a patch is available. As a temporary workaround, consider restricting the use of the JPG Handle JPEG420 functionality to minimize the risk of exploitation.
Exploit
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Accusoft Imagegear