EUVD-2019-14738

Malware in sbrugna...

The vulnerability of the tif_processing_dng_channel_count function in the ImageGear image processing library allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the tifprocessingdngchannelcount function in the ImageGear image processing library relates to the issue of data being written outside of the buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

Accusoft ImageGear JPEG-JFIF lossless Huffman parser heap-based buffer overflow vulnerabilities

Summary Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. Tested...

Accusoft ImageGear JPG sof_nb_comp header processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the JPG sofnbcomp header processing functionality of Accusoft ImageGear 19.8 and 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions...

Accusoft ImageGear TIF bits_per_sample processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the TIF bitspersample processing functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft...

Accusoft ImageGear JPG format SOF marker processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the JPG format SOF marker processing of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.8...

The vulnerability of the store_data_buffer function in the ImageGear image processing library allows a hacker to execute arbitrary code.

The vulnerability of the storedatabuffer function in the ImageGear image processing library is related to conversion errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially created malicious PNG file...

The vulnerability of the uncompress_scan_line function in the ImageGear image processing library allows a hacker to execute arbitrary code.

The vulnerability of the uncompressscanline function in the ImageGear image processing library is related to integer overflow. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially created TIFF file...

CVE-2020-6094

An exploitable code execution vulnerability exists in the TIFF fillinraster function of the igcore19d.dll library of Accusoft ImageGear 19.4, 19.5 and 19.6. A specially crafted TIFF file can cause an out-of-bounds write, resulting in remote code execution. An attacker can provide a malicious file...

CVE-2020-6064

An exploitable out-of-bounds write vulnerability exists in the uncompressscanline function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a...

CVE-2020-6067

An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFF tifread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted TIFF file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the...

CVE-2019-5132

An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll GEM Raster parser of the Accusoft ImageGear 19.3.0 library. A specially crafted GEM file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim...

Accusoft ImageGear BMP code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll BMP parser of the ImageGear 19.3.0 library. A specially crafted BMP file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to...