CVE-2023-35002

Name of the Vulnerable Software and Affected Versions Accusoft ImageGear version 20.1

Description A heap-based buffer overflow vulnerability exists in the pictwread functionality. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Recommendations For Accusoft ImageGear version 20.1, consider disabling the pictwread functionality until a patch is available to prevent arbitrary code execution. Restrict access to handling malformed files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.