Security News > 2020 > February > Flaws in Accusoft ImageGear Expose Users to Remote Attacks
Critical vulnerabilities addressed in the Accusoft ImageGear library could be exploited by remote attackers to execute code on a victim machine, Cisco Talos' security researchers report.
A document-imaging developer toolkit, ImageGear was designed to provide users with the ability to convert, create, and edit images, among others.
Cisco Talos' researchers have discovered a total of seven vulnerabilities in version 19.5.0 of the Accusoft ImageGear library, all of which are described as out-of-bounds write issues.
Dll library of Accusoft ImageGear, and all are remotely exploitable via specially crafted files.
Tracked as CVE-2019-5187, the first of the flaws was found in the TIF read stripdata function of ImageGear's igcore19d.
News URL
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-14 | CVE-2019-5187 | Out-of-bounds Write vulnerability in Accusoft Imagegear 19.5.0 An exploitable out-of-bounds write vulnerability exists in the TIFreadstripdata function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. | 6.8 |