CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-23400
https://notcve.org/view.php?id=CVE-2022-23400
03 May 2022 — A stack-based buffer overflow vulnerability exists in the IGXMPXMLParser::parseDelimiter functionality of Accusoft ImageGear 19.10. A specially-crafted PSD file can overflow a stack buffer, which could either lead to denial of service or, depending on the application, to an information leak. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en la funcionalidad IGXMPXMLParser::parseDelimiter de Ac... • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1465 • CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-22137
https://notcve.org/view.php?id=CVE-2022-22137
03 May 2022 — A memory corruption vulnerability exists in the ioca_mys_rgb_allocate functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to an arbitrary free. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de corrupción de memoria en la funcionalidad ioca_mys_rgb_allocate de Accusoft ImageGear versión 19.10. Un archivo malformado especialmente diseñado puede conllevar a una liberación arbitraria. • https://talosintelligence.com/vulnerability_reports/TALOS-2022-1449 • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-40398
https://notcve.org/view.php?id=CVE-2021-40398
14 Apr 2022 — An out-of-bounds write vulnerability exists in the parse_raster_data functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de escritura fuera de límites en la funcionalidad parse_raster_data de Accusoft ImageGear versión 19.10. Un archivo malformado diseñado especialmente puede conllevar a una corrupción de la memoria. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1411 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-21949
https://notcve.org/view.php?id=CVE-2021-21949
14 Apr 2022 — An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code exectuion. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de comprobación inapropiada de índices de matrices en la funcionalidad del analizador de encabezados JPEG-JFIF de Accusoft ImageGear versión 19.10. Un archivo especialmente diseñado pu... • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1377 • CWE-129: Improper Validation of Array Index •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-21947
https://notcve.org/view.php?id=CVE-2021-21947
14 Apr 2022 — Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer overflow takes place when the `SOF3` precision is greater or equal than 9. Se presentan dos vulnerabilidades de desbordamiento de búfer en la región heap de la memoria en la funcionalidad del analizador de imág... • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1375 • CWE-122: Heap-based Buffer Overflow CWE-129: Improper Validation of Array Index •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-21946
https://notcve.org/view.php?id=CVE-2021-21946
14 Apr 2022 — Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer overflow takes place when the `SOF3` precision is lower than 9. Se presentan dos vulnerabilidades de desbordamiento de búfer en la región heap de la memoria en la funcionalidad del analizador de imágenes Huffma... • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1375 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-21945
https://notcve.org/view.php?id=CVE-2021-21945
14 Apr 2022 — Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer oveflow takes place trying to copy the second 12 bits from local variable. Se presentan dos vulnerabilidades de desbordamiento de búfer en la región heap de la memoria en la funcionalidad del analizador TIFF de Accusoft ImageGear versión 1... • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1374 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-21944
https://notcve.org/view.php?id=CVE-2021-21944
14 Apr 2022 — Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer oveflow takes place trying to copy the first 12 bits from local variable. Se presentan dos vulnerabilidades de desbordamiento de búfer en la región heap de la memoria en la funcionalidad del analizador TIFF de Accusoft ImageGear versión 19... • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1374 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-21943
https://notcve.org/view.php?id=CVE-2021-21943
14 Apr 2022 — A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de desbordamiento del búfer basada en el montón en la funcionalidad del analizador XWD de Accusoft ImageGear versión 19.10. Un archivo especialmente diseñado puede conllevar a una ejecución de código. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1373 • CWE-122: Heap-based Buffer Overflow CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-21942
https://notcve.org/view.php?id=CVE-2021-21942
14 Apr 2022 — An out-of-bounds write vulnerability exists in the TIFF YCbCr image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. Se presenta una vulnerabilidad de escritura fuera de límites en la funcionalidad del analizador de imágenes TIFF YCbCr de Accusoft ImageGear versión 19.10. Un archivo especialmente diseñado puede conllevar a una ejecución de código remota. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1371 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •