PT-2021-14803 · Accusoft · Accusoft Imagegear

Emmanuel Tacheau · Published 2021-06-11 · Updated 2022-08-24 · CVE-2021-21833

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Accusoft ImageGear version 19.9

Description

An issue exists in the TIF IP planar raster unpack functionality where improper array index validation can occur. This can be triggered by a specially crafted malformed file, leading to an out-of-bounds write. An attacker can exploit this by providing a malicious file.

Recommendations

For Accusoft ImageGear version 19.9, consider avoiding the use of the TIF IP planar raster unpack functionality until a fix is available. As a temporary workaround, restrict the processing of untrusted or malicious files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Validation of Array Index

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2021-21833

Affected Products

Accusoft Imagegear