CVE-2022-23400

A stack-based buffer overflow vulnerability exists in the IGXMPXMLParser::parseDelimiter functionality of Accusoft ImageGear 19.10. A specially-crafted PSD file can overflow a stack buffer, which could either lead to denial of service or, depending on the application, to an information leak. An...

CVE-2022-23400

CVE-2022-23400 describes a stack-based buffer overflow in Accusoft ImageGear 19.10, specifically IGXMPXMLParser::parseDelimiter when processing PSD inputs. The TALOS analysis shows a 256-byte destination buffer (buffer_ovw) that can overflow due to mis-calculated shifts when parsing XMP/PSD data,...

CVE-2022-23400

A stack-based buffer overflow vulnerability exists in the IGXMPXMLParser::parseDelimiter functionality of Accusoft ImageGear 19.10. A specially-crafted PSD file can overflow a stack buffer, which could either lead to denial of service or, depending on the application, to an information leak. An...

Accusoft ImageGear缓冲区错误漏洞

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft Corporation. A security vulnerability exists in Accusoft ImageGear version 19.10 that stems from an error in the IGXMPXMLParser::parseDelimiter function. A remote attacker could use a specially crafted PSD fil...

Accusoft ImageGear IGXMPXMLParser::parseDelimiter stack-based buffer overflow vulnerability

Summary A stack-based buffer overflow vulnerability exists in the IGXMPXMLParser::parseDelimiter functionality of Accusoft ImageGear 19.10. A specially-crafted PSD file can overflow a stack buffer, which could either lead to denial of service or, depending on the application, to an information...