First published: Mon Sep 25 2023(Updated: )
A heap-based buffer overflow vulnerability exists in the create_png_object functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
Credit: talos-cna@cisco.com talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
AccuSoft ImageGear | =20.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-32614 is critical with a CVSS score of 9.8.
The affected software of CVE-2023-32614 is Accusoft ImageGear 20.1.
CVE-2023-32614 can lead to memory corruption when a specially crafted malformed file is provided, potentially allowing an attacker to execute arbitrary code or cause a denial of service.
There are no known exploits for CVE-2023-32614 at the time of writing.
To mitigate the vulnerability in Accusoft ImageGear 20.1, update to the latest version or apply any patches or security fixes provided by the vendor.