CVE-2020-6069
First published: Tue Feb 11 2020(Updated: )
An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG jpegread precision parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| AccuSoft ImageGear | =19.5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-6069.
What is the severity of CVE-2020-6069?
The severity of CVE-2020-6069 is critical.
What is the affected software for CVE-2020-6069?
The affected software for CVE-2020-6069 is AccuSoft ImageGear 19.5.0.
How can this vulnerability be exploited?
This vulnerability can be exploited by providing a specially crafted JPEG file that causes an out-of-bounds write, resulting in a remote code execution.
Is there a fix available for CVE-2020-6069?
Yes, a fix is available for CVE-2020-6069. It is recommended to update to the latest version of AccuSoft ImageGear to mitigate the vulnerability.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/accusoft
- canonical/accusoft imagegear
- version/accusoft imagegear/19.5.0