Accusoft ImageGear 19.3.0 Out-of-bounds Write Vulnerability

Summary

An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG header-parser of the Accusoft ImageGear 19.3.0 library. 

Credit:

The information has been provided by Marcin Icewall Noga

The original article can be found at:https://talosintelligence.com/vulnerability_reports/TALOS-2019-0865


Details

A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the viction to trigger the vulnerability.

 

Vulnerable Systems:

Accusoft ImageGear 19.3.0 

 

CVE Information:

CVE-2019-5076

 

Disclosure Timeline:
Published Date:12/3/2019

Categories: News