Lucene search
+L
AccusoftImagegear

58 matches found

CVE
CVE
added 2020/02/14 9:20 p.m.149 views

CVE-2020-6068

The CVE-2020-6068 issue affects Accusoft ImageGear 19.5.0, specifically the igcore19d.dll PNG pngread parser. The vulnerability is an out-of-bounds write in the PNG reading path that can be triggered by loading a crafted PNG file, potentially enabling remote code execution. Public documents (e.g....

9.8CVSS8.9AI score0.03687EPSS
CVE
CVE
added 2020/02/14 9:22 p.m.131 views

CVE-2019-5187

An out-of-bounds write in ImageGear igcore19d.dll (TIF_read_stripdata) of version 19.5.0 enables remote code execution when processing certain TIFF strips. The vulnerability arises during stripe data handling: dstBuffer size is computed via two paths using imagewidth (ImageWidth tag) and bits-per...

9.8CVSS8.9AI score0.03687EPSS
CVE
CVE
added 2022/05/03 4:5 p.m.90 views

CVE-2022-23400

CVE-2022-23400 describes a stack-based buffer overflow in Accusoft ImageGear 19.10, specifically IGXMPXMLParser::parseDelimiter when processing PSD inputs. The TALOS analysis shows a 256-byte destination buffer (buffer_ovw) that can overflow due to mis-calculated shifts when parsing XMP/PSD data,...

7.1CVSS6.9AI score0.00767EPSS
CVE
CVE
added 2019/12/03 9:25 p.m.89 views

CVE-2019-5132

CVE-2019-5132 affects Accusoft ImageGear 19.3.0 (igcore19d.dll GEM Raster parser). A crafted GEM file can trigger an out-of-bounds write, resulting in remote code execution. Root cause: out-of-bounds write in the GEM Raster parser. Exploitation requires a malformed file; TALOS notes the vulnerabi...

9.8CVSS8.9AI score0.03687EPSS
CVE
CVE
added 2022/04/14 7:55 p.m.89 views

CVE-2021-21938

A CVE-2021-21938 issue affects Accusoft ImageGear 19.10, specifically the Palette box parser. A heap-based buffer overflow arises from an off-by-one error in computing the number of bytes to allocate for the Palette box data, causing a too-small destination buffer and a subsequent overflow during...

9.8CVSS8.9AI score0.01792EPSS
CVE
CVE
added 2019/12/03 9:26 p.m.88 views

CVE-2019-5133

CVE-2019-5133 : Accusoft ImageGear 19.3.0 exports an exploitable out-of-bounds write in the BMP parser (igcore19d.dll) via the IG_mpi_page_set routine. A specially crafted BMP file can drive a write beyond the allocated dstBuffer, leading to memory corruption and remote code execution. The vulner...

9.8CVSS8.9AI score0.03203EPSS
CVE
CVE
added 2022/08/05 9:20 p.m.88 views

CVE-2022-29465

CVE-2022-29465 affects Accusoft ImageGear 20.0; the PSD Header processing memory allocation pathway is vulnerable to an out-of-bounds write. The root cause is a miscalculated allocation size in allocation_function_mem, where _size_buffer_alloc is derived from width and product_of_numchannel_bits_...

9.8CVSS9.4AI score0.01793EPSS
CVE
CVE
added 2022/05/03 4:5 p.m.87 views

CVE-2022-22137

CVE-2022-22137 describes a memory-corruption vulnerability in the Accusoft ImageGear 19.10 library, caused by a boundary/size calculation error in ioca_mys_rgb_allocate. A crafted IOCA file can trigger a use-after-free via a malformed table_mys_rgb_ptr, potentially leading to arbitrary code execu...

9.8CVSS6.6AI score0.01093EPSS
CVE
CVE
added 2019/12/03 9:24 p.m.83 views

CVE-2019-5076

CVE-2019-5076 is an out-of-bounds write vulnerability in Accusoft ImageGear 19.3.0, specifically in igcore19d.dll PNG header-parser (IHDR width handling). A malformed PNG IHDR Width value can cause an out-of-bounds write, enabling remote code execution. Talos details confirm the affected product/...

9.8CVSS8.9AI score0.03687EPSS
CVE
CVE
added 2022/04/14 7:55 p.m.81 views

CVE-2021-21939

Summary of CVE-2021-21939 (Accusoft ImageGear XWD parser) : The heap-based buffer overflow exists in the XWD parser of ImageGear 19.10. A specially crafted XWD file can trigger the overflow during bitmap row processing due to a missing size check in raster size computation and a mismatch between ...

9.8CVSS8.9AI score0.01494EPSS
CVE
CVE
added 2023/09/25 3:22 p.m.80 views

CVE-2023-32284

Summary: CVE-2023-32284 is an out-of-bounds write in the Accusoft ImageGear 20.1 library, specifically in the tiff_planar_adobe functionality. The flaw arises from a missing bounds check in a loop that copies raster data when bits_per_channel == 8. The loop uses max_loop, derived from image width...

9.8CVSS8.9AI score0.0075EPSS
CVE
CVE
added 2019/12/03 9:20 p.m.79 views

CVE-2019-5083

CVE-2019-5083 affects Accusoft ImageGear 19.3.0: the igcore19d.dll TIF_decode_thunderscan function contains an out-of-bounds write that enables remote code execution when processing a crafted TIFF file. The TALOS advisory confirms the vulnerability in ImageGear 19.3.0 and notes a public mitigatio...

9.8CVSS9AI score0.03612EPSS
CVE
CVE
added 2022/04/14 7:55 p.m.77 views

CVE-2021-21942

The CVE-2021-21942 entry concerns Accusoft ImageGear 19.10 and the TIFF YCbCr image parser. The root cause is a missing size check in the TIFF_YCbCr_to_RGB conversion when handling YCbCrSubsampling, combined with how buffers are allocated for dst_ptr across YC bCr horizontal subsampling. This can...

9.8CVSS8.9AI score0.01885EPSS
CVE
CVE
added 2022/04/14 7:56 p.m.75 views

CVE-2021-21947

CVE-2021-21947 affects Accusoft ImageGear 19.10. The JPEG-JFIF lossless Huffman parser has two heap-based buffer overflow vulnerabilities triggered by loading JPEG data; the overflow occurs in the lossless path when SOF3 precision is >= 9 (and also discussed for precision

9.8CVSS9AI score0.01068EPSS
CVE
CVE
added 2022/04/14 7:56 p.m.72 views

CVE-2021-21949

The CVE-2021-21949 entry maps to a concrete vulnerability in Accusoft ImageGear 19.10: an improper array index validation in the JPEG-JFIF Scan header parser can cause an out-of-bounds write, leading to potential code execution. The root cause is a mismatch in how SOS data references AC/DC Huffma...

9.8CVSS8.7AI score0.01084EPSS
CVE
CVE
added 2020/02/11 8:54 p.m.70 views

CVE-2020-6066

CVE-2020-6066 affects Accusoft ImageGear 19.5.0, specifically igcore19d.dll JPEG SOFx parser. A malformed JPEG can trigger an out-of-bounds write in the SOFx code path, enabling remote code execution. Talos reports 19.5.0 as affected and notes an official update to 19.6 is available to resolve th...

9.8CVSS8.9AI score0.03687EPSS
CVE
CVE
added 2022/04/14 7:55 p.m.69 views

CVE-2021-21946

CVE-2021-21946 affects Accusoft ImageGear 19.10’s JPEG-JFIF lossless Huffman image parser. The vulnerability arises in process_jpeg_lossless (and buffer allocation in allocate_buffer_for_jpeg_decoding) where per-component buffers are sized via a formula (standardized_width = (X_image * subsamplin...

9.8CVSS9AI score0.01068EPSS
CVE
CVE
added 2020/05/06 12:33 p.m.67 views

CVE-2020-6082

Summary: CVE-2020-6082 is a documented out-of-bounds write in the ICO reader of the Accusoft ImageGear 19.6.0 library (igcore19d.dll), caused by an improper size calculation in ico_read. An attacker can trigger a remote code execution by feeding a malformed ICO file. Public details include the vu...

9.8CVSS8.9AI score0.03597EPSS
CVE
CVE
added 2021/06/11 4:12 p.m.67 views

CVE-2021-21824

CVE-2021-21824 affects Accusoft ImageGear 19.9 and involves an out-of-bounds write in the JPG Handle_JPEG420 function, leading to memory corruption when processing malformed JPEG files. The TALOS report details a buffer/stride issue in handle_JPEG420 that can crash or potentially be exploited via...

9.8CVSS9.3AI score0.01215EPSS
CVE
CVE
added 2022/11/09 5:35 p.m.67 views

CVE-2022-32588

Summary of CVE-2022-32588 (Accusoft ImageGear 20.0) The vulnerability exists in the PICT parsing path, specifically in the pctwread_14841 function chain. It stems from a missing minimum-size check when processing a malformed PICT file, causing an out-of-bounds heap write and memory corruption. Te...

9.8CVSS7.5AI score0.00601EPSS
CVE
CVE
added 2020/02/11 8:50 p.m.66 views

CVE-2020-6064

CVE-2020-6064 affects Accusoft ImageGear 19.5.0 (igcore19d.dll). Talos and Red Hat disclosures describe an exploitable out-of-bounds write in uncompress_scan_line used to decompress PCX data, triggered by a malformed PCX file. The issue stems from insufficient sanity checks and buffer sizing: com...

9.8CVSS8.9AI score0.03687EPSS
CVE
CVE
added 2022/04/14 7:55 p.m.66 views

CVE-2021-21914

Accusoft ImageGear 19.10 contains a heap-based buffer overflow in DecoderStream::Append. The root cause is an integer overflow in allocation size (malloc_mem_wrap) that can allocate a too-small/overrunable heap buffer, leading to overflows in read_data_from_file and the function pointer fetch, en...

9.8CVSS8.9AI score0.01494EPSS
CVE
CVE
added 2022/04/14 7:56 p.m.66 views

CVE-2021-40398

CVE-2021-40398 affects Accusoft ImageGear 19.10 and is caused by an out-of-bounds write in parse_raster_data, specifically in the write_into_dest_buffer path. The vulnerability arises from flawed bound checks when calculating memcpy size (memcpy_size) against the destination buffer, where dest_bu...

8.1CVSS7.5AI score0.00735EPSS
CVE
CVE
added 2021/02/10 9:45 p.m.65 views

CVE-2020-13585

CVE-2020-13585 affects Accusoft ImageGear 19.8 PSD header processing. The vulnerability arises from a buffer allocation bug in psd_header_processing: alloc_size is derived from image width and bit depth, and _oobw_buffer is allocated via AF_memm_alloc using size from file data; AF_memm_alloc wrap...

9.8CVSS8.8AI score0.01855EPSS
CVE
CVE
added 2020/05/06 12:36 p.m.65 views

CVE-2020-6076

CVE-2020-6076 affects Accusoft ImageGear 19.5.0 (igcore19d.dll ICO icoread parser). A crafted ICO file can trigger an out-of-bounds write in the ICO parser, enabling remote code execution. The Intel/Root cause is an out-of-bounds write in memcpy handling within igcore19d.dll, with memory corrupti...

9.8CVSS8.9AI score0.03597EPSS
CVE
CVE
added 2023/09/25 3:22 p.m.65 views

CVE-2023-28393

CVE-2023-28393 affects Accusoft ImageGear 20.1, specifically the tif_processing_dng_channel_count function. Talos details show a stack-based buffer overflow caused by a missing bounds check when processing TIFF data; the code writes a fixed value (0x10) into a two-element stack array based on max...

8.8CVSS8.7AI score0.00503EPSS
CVE
CVE
added 2023/09/25 3:22 p.m.65 views

CVE-2023-39453

The CVE-2023-39453 entry details a use-after-free in Accusoft ImageGear 20.1’s tif_parse_sub_IFD handling, where recursion frees the same IFD buffer multiple times, leading to an access violation and arbitrary code execution in the affected path. The Talos report confirms a real vulnerability wit...

9.8CVSS9.2AI score0.01205EPSS
CVE
CVE
added 2021/02/10 9:45 p.m.63 views

CVE-2020-13572

CVE-2020-13572 describes a heap overflow in the GIF LZW decoder used by Accusoft ImageGear 19.8. The vulnerability occurs while decoding LZW streams in the GIF parser, where a destination index can overflow the allocated heap buffer, potentially allowing arbitrary code execution when processing s...

9.8CVSS8.9AI score0.01917EPSS
CVE
CVE
added 2007/04/24 8:0 p.m.61 views

CVE-2007-2209

A concrete vulnerability described across multiple sources: Buffer overflow in igcore15d.dll versions 15.1.2.0 and 15.2.0.0 used by AccuSoft ImageGear, including Corel Paint Shop Pro Photo 11.20, may allow user-assisted remote code execution via a crafted .CLP file. The underlying issue is a buff...

6.8CVSS8AI score0.11588EPSS
CVE
CVE
added 2021/02/10 9:45 p.m.61 views

CVE-2020-13561

CVE-2020-13561 is an out-of-bounds write vulnerability in the TIFF parser of Accusoft ImageGear 19.8. The TALOS analysis describes a flaw in the image processing pipeline (sigread buffer handling) that can be triggered by a malformed TIFF file, leading to memory corruption and potential code exec...

9.8CVSS8.8AI score0.01855EPSS
CVE
CVE
added 2022/04/14 7:55 p.m.61 views

CVE-2021-21943

Accusoft ImageGear 19.10 is affected via a heap-based buffer overflow in the XWD parser (xwdread_pixmapformat_0_or_1). A malformed XWD file can cause a write past a dst_buff allocated using a size derived from PixmapWidth, without validating against BytesPerLine, enabling potential code execution...

9.8CVSS8.9AI score0.01494EPSS
CVE
CVE
added 2021/02/10 9:45 p.m.60 views

CVE-2020-13571

CVE-2020-13571 affects Accusoft ImageGear 19.8, specifically the SGI RLE decompression path. The Talos analysis details an out-of-bounds write in sgiread (sgiread.c) caused by a missing input-size check in the RLE decoding flow, leading to a memory overwrite during a ReadFile/IO_read sequence. Ke...

9.8CVSS8.8AI score0.01959EPSS
CVE
CVE
added 2020/02/11 8:54 p.m.60 views

CVE-2020-6067

CVE-2020-6067 affects Accusoft ImageGear 19.5.0 (igcore19d.dll) TIFF tifread parser. A crafted TIFF file can trigger an out-of-bounds write, enabling remote code execution. Affected product/version: ImageGear 19.5.0. Root cause: out-of-bounds write in tifread handling. Public disclosures include ...

9.8CVSS8.9AI score0.03687EPSS
CVE
CVE
added 2020/05/06 12:33 p.m.60 views

CVE-2020-6094

The vulnerability CVE-2020-6094 affects Accusoft ImageGear 19.4–19.6 (igcore19d.dll). A TIFF file can cause an out-of-bounds write in fill_in_raster due to an integer overflow in compute_size_from_bibitWidth_operations, which computes heap_buffer size from SamplesPerPixel and biWidth. An attacker...

9.8CVSS9AI score0.03597EPSS
CVE
CVE
added 2020/02/11 8:50 p.m.58 views

CVE-2020-6069

CVE-2020-6069 affects Accusoft ImageGear 19.5.0 (igcore19d.dll) JPEG jpegread precision parser. A crafted JPEG file can trigger an out-of-bounds write, enabling remote code execution. The TALOS advisory confirms a code-execution path in the igcore19d.dll with a 19.5.0 target and notes a fix/updat...

9.8CVSS8.9AI score0.03687EPSS
CVE
CVE
added 2021/04/13 6:8 p.m.58 views

CVE-2021-21784

CVE-2021-21784 affects Accusoft ImageGear 19.8 and concerns an out-of-bounds write in JPG SOF marker processing. The issue stems from buffer size calculations during rasterization for multiple SOF markers: a miscalculation of width/precision can cause a do-while loop to write beyond the allocated...

9.8CVSS7.5AI score0.00807EPSS
CVE
CVE
added 2023/09/25 3:22 p.m.58 views

CVE-2023-23567

Accusoft ImageGear 20.1 is affected by CVE-2023-23567 in the CreateDIBfromPict functionality. Talos reports a heap-based buffer overflow caused by a mis-sized heap buffer when processing DirectBitsRect/PICt data, allowing potential arbitrary code execution via a specially crafted file. The vulner...

8.8CVSS8.9AI score0.0101EPSS
CVE
CVE
added 2023/09/25 3:22 p.m.57 views

CVE-2023-32653

CVE-2023-32653 is an out-of-bounds write vulnerability in Accusoft ImageGear 20.1, specifically in the dcm_pixel_data_decode function. A specially crafted malformed file can trigger an arbitrary code execution when opened by the victim. Talos reports the vulnerable version as ImageGear 20.1, and ...

9.8CVSS8.8AI score0.0103EPSS
CVE
CVE
added 2020/02/11 8:50 p.m.56 views

CVE-2020-6065

An exploitable out-of-bounds write exists in Accusoft ImageGear igcore19d.dll v19.5.0, in bmp_parsing. The issue stems from calculating total_width as 4 * width without overflow protection, leading to an incorrect allocation and out-of-bounds writes while parsing BMP data, enabling remote code ex...

9.8CVSS8.9AI score0.03687EPSS
CVE
CVE
added 2021/03/31 1:59 p.m.56 views

CVE-2021-21773

The CVE-2021-21773 entry concerns Accusoft ImageGear 19.8, where an out-of-bounds write vulnerability in the TIFF header count-processing functionality can lead to memory corruption when processing a specially crafted file. The issue is triggered by a malformed TIFF header processing path and is ...

8.1CVSS7.5AI score0.00678EPSS
CVE
CVE
added 2021/06/11 4:12 p.m.56 views

CVE-2021-21833

An explicit vulnerability in Accusoft ImageGear 19.9 affects IP_planar_raster_unpack for TIF processing, enabling an out-of-bounds write via a malformed file. TALOS details show an improper array index validation in IP_planar_raster_unpack, with a crash/AV in igCore19d!IG_mpi_page_set when writin...

9.8CVSS9.3AI score0.01428EPSS
CVE
CVE
added 2021/03/31 2:0 p.m.55 views

CVE-2021-21782

CVE-2021-21782 affects Accusoft ImageGear 19.8, specifically the SGI format buffer size processing. The root cause is an out-of-bounds memory write during SGI parsing, where the allocated size and subsequent memcpy size are taken from the SGI header, enabling memory corruption and potential code ...

9.8CVSS8.7AI score0.01257EPSS
CVE
CVE
added 2020/05/06 12:36 p.m.54 views

CVE-2020-6075

CVE-2020-6075 concerns a out-of-bounds write in Accusoft ImageGear 19.5.0 (igcore19d.dll) triggered by a malformed PNG, enabling remote code execution. The vulnerability stems from store_data_buffer copying from src_buffer to dst_buffer with a loop controlled by size; an incorrect cast (signed/un...

9.8CVSS8.9AI score0.03597EPSS
CVE
CVE
added 2021/07/07 9:30 p.m.54 views

CVE-2021-21807

CVE-2021-21807 affects Accusoft ImageGear 19.9 (DICOM parse_dicom_meta_info). A vulnerability in parse_dicom_meta_info’s _size handling causes a stack-based buffer overflow when processing a specially crafted DICOM file. The issue is triggered via perform_some_read_operations using a size value o...

9.8CVSS9.5AI score0.01458EPSS
CVE
CVE
added 2021/07/08 10:57 a.m.54 views

CVE-2021-21821

CVE-2021-21821 is a stack-based buffer overflow in the PDF process_fontname function of Accusoft ImageGear 19.9. The TALOS report documents a vulnerable path in process_fontname where a 256-byte local buffer b_ovf can be overflowed by a long fontname read from a PDF, with the overflow triggered b...

9.8CVSS9.7AI score0.01963EPSS
CVE
CVE
added 2021/07/08 11:18 a.m.52 views

CVE-2021-21794

CVE-2021-21794 affects Accusoft ImageGear 19.9. The flaw is an out-of-bounds write in the TIF bits_per_sample processing path, caused by an unsafe GetCopyBufferAllocatedWithPixpos-derived pointer, which can allow a crafted TIF file to trigger a memory overwrite via wrapper_memcpy. TALOS documents...

9.8CVSS7.5AI score0.0067EPSS
CVE
CVE
added 2022/04/14 7:55 p.m.52 views

CVE-2021-21944

CVE-2021-21944 (and related CVE-2021-21945) describe heap-based buffer overflow issues in the TIFF parser of Accusoft ImageGear 19.10. TALOS details show the vulnerability resides in the TIFF parsing path (FUN_10074d50) when BitsPerSample is 0xC, with a writing pattern that can exceed dest_buff b...

9.8CVSS8.8AI score0.01068EPSS
CVE
CVE
added 2021/03/31 2:0 p.m.51 views

CVE-2021-21776

CVE-2021-21776 describes an out-of-bounds write in Accusoft ImageGear 19.8 during SGI file parsing. The vulnerability stems from the SGI_Format_Buffer_Size_Processing path where a small destination buffer is allocated using SGI_XSIZE, but a subsequent memcpy uses a size controlled by the SGI file...

9.8CVSS8.6AI score0.01325EPSS
CVE
CVE
added 2021/07/08 11:11 a.m.51 views

CVE-2021-21793

CVE-2021-21793 affects Accusoft ImageGear 19.8 and 19.9. The vulnerability is an out-of-bounds write in the JPG sof_nb_comp header processing path, caused by reading nr_comp_sos from the SOF object and allocating a color table buffer (_color_table_data) based on that value. If nr_comp_sos is deri...

9.8CVSS8.6AI score0.01137EPSS
CVE
CVE
added 2021/06/11 4:17 p.m.51 views

CVE-2021-21795

The CVE-2021-21795 issue affects Accusoft ImageGear 19.9, specifically the PSD read_icc_icCurve_data function. A misparsed PSD tag counts value (curve_data->count) is read from the file; when count is large (e.g., 0x80000001), the code allocates buffer_for_curves_values using count <

9.8CVSS9.6AI score0.01407EPSS
Total number of security vulnerabilities58