PT-2023-5556 · Accusoft · Accusoft Imagegear

Emmanuel Tacheau · Published 2023-05-12 · Updated 2023-09-26 · CVE-2023-32614

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Accusoft ImageGear version 20.1

Description

A heap-based buffer overflow vulnerability exists in the create_png_object() functionality. A specially crafted malicious PNG file can trigger the overflow, potentially leading to memory corruption. An attacker can exploit this vulnerability by providing a malicious file, affecting the confidentiality, integrity, and availability of protected information.

Recommendations

For Accusoft ImageGear version 20.1, consider disabling the create_png_object() function until a patch is available to prevent potential exploitation. Restrict the handling of PNG files from untrusted sources to minimize the risk of triggering this vulnerability.

Memory Corruption

Weakness Enumeration

Related Identifiers

BDU:2023-06207
CVE-2023-32614

Affected Products

Accusoft Imagegear