27 matches found
EUVD-2021-9120
Malicious code in bioql PyPI...
SUSE CVE-2009-3872
Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.127, and SDK and JRE 1.4.x before 1.4.224 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969...
Accusoft ImageGear Input Validation Error Vulnerability
Accusoft ImageGear is a software development kit (SDK) for image processing from Accusoft, USA. Accusoft ImageGear suffers from an Input Validation Error vulnerability that originates from a boundary error when handling untrusted input in the JPEG-JFIF scan header parser function. An attacker could...
CVE-2021-21946
Two heap-based buffer overflow vulnerabilities exist in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. This heap-based...
CVE-2021-21947
Two heap-based buffer overflow vulnerabilities exist in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. This heap-based...
CVE-2021-21949
An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-21946
Two heap-based buffer overflow vulnerabilities exist in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. This heap-based...
Heap overflow
Two heap-based buffer overflow vulnerabilities exist in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. This heap-based...
Heap overflow
Two heap-based buffer overflow vulnerabilities exist in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. This heap-based...
Input validation
An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-21949
An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2021-21949
The CVE-2021-21949 entry maps to a concrete vulnerability in Accusoft ImageGear 19.10: an improper array index validation in the JPEG-JFIF Scan header parser can cause an out-of-bounds write, leading to potential code execution. The root cause is a mismatch in how SOS data references AC/DC Huffma...
CVE-2021-21947
CVE-2021-21947 affects Accusoft ImageGear 19.10. The JPEG-JFIF lossless Huffman parser has two heap-based buffer overflow vulnerabilities triggered by loading JPEG data; the overflow occurs in the lossless path when SOF3 precision is >= 9 (and also discussed for precision
CVE-2021-21947
Two heap-based buffer overflow vulnerabilities exist in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. This heap-based...
CVE-2021-21946
Two heap-based buffer overflow vulnerabilities exist in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. This heap-based...
CVE-2021-21946
CVE-2021-21946 affects Accusoft ImageGear 19.10’s JPEG-JFIF lossless Huffman image parser. The vulnerability arises in process_jpeg_lossless (and buffer allocation in allocate_buffer_for_jpeg_decoding) where per-component buffers are sized via a formula (standardized_width = (X_image * subsamplin...
CVE-2021-21946
Two heap-based buffer overflow vulnerabilities exist in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. This heap-based...
PT-2022-9209 · Accusoft · Accusoft Imagegear
Name of the Vulnerable Software and Affected Versions: Accusoft ImageGear version 19.10 Description: Two heap-based buffer overflow issues exist in the JPEG-JFIF lossless Huffman image parser functionality. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a...
Accusoft ImageGear JPEG-JFIF lossless Huffman parser heap-based buffer overflow vulnerabilities
Summary: Two heap-based buffer overflow vulnerabilities exist in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities. Tested...
Accusoft ImageGear JPEG-JFIF Scan header parser out-of-bounds write vulnerability
Summary: An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code execution. An attacker can provide a malicious file to trigger this...