Security News > 2020 > February > Flaws in Accusoft ImageGear Expose Users to Remote Attacks

Flaws in Accusoft ImageGear Expose Users to Remote Attacks
2020-02-11 14:50

Critical vulnerabilities addressed in the Accusoft ImageGear library could be exploited by remote attackers to execute code on a victim machine, Cisco Talos' security researchers report.

A document-imaging developer toolkit, ImageGear was designed to provide users with the ability to convert, create, and edit images, among others.

Cisco Talos' researchers have discovered a total of seven vulnerabilities in version 19.5.0 of the Accusoft ImageGear library, all of which are described as out-of-bounds write issues.

Dll library of Accusoft ImageGear, and all are remotely exploitable via specially crafted files.

Tracked as CVE-2019-5187, the first of the flaws was found in the TIF read stripdata function of ImageGear's igcore19d.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/qM6xbcK1nRE/flaws-accusoft-imagegear-expose-users-remote-attacks

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-02-14 CVE-2019-5187 Out-of-bounds Write vulnerability in Accusoft Imagegear 19.5.0
An exploitable out-of-bounds write vulnerability exists in the TIFreadstripdata function of the igcore19d.dll library of Accusoft ImageGear 19.5.0.
network
accusoft CWE-787
6.8
6.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Accusoft 3 0 30 24 7 61