CVE-2023-39453

Name of the Vulnerable Software and Affected Versions Accusoft ImageGear version 20.1

Description A use-after-free vulnerability exists in the tif parse sub IFD functionality. This allows an attacker to deliver a specially crafted malformed file, potentially leading to arbitrary code execution.

Recommendations For Accusoft ImageGear version 20.1, consider avoiding the use of the tif parse sub IFD functionality until a patch is available. As a temporary workaround, restrict the handling of malformed files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.