PT-2023-5667 · Accusoft · Accusoft Imagegear

Emmanuel Tacheau · Published 2023-09-25 · Updated 2023-09-25 · CVE-2023-28393

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Accusoft ImageGear version 20.1

Description

A stack-based buffer overflow vulnerability exists in the tif processing dng channel count functionality. This issue is related to a buffer overflow operation. Exploitation of this vulnerability may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. A specially crafted malformed file can lead to memory corruption, and an attacker can provide a malicious file to trigger this vulnerability.

Recommendations

For Accusoft ImageGear version 20.1, consider disabling the tif processing dng channel count function until a patch is available to prevent potential exploitation. Restrict access to handling malformed files to minimize the risk of triggering the buffer overflow.

Exploit

Fix

Stack Overflow

Memory Corruption

Weakness Enumeration

Related identifiers

BDU:2023-06334
CVE-2023-28393

Affected products

Accusoft Imagegear