Homepage
About Snyk

Out-of-bounds Write Affecting accusoft.imagegear.all package, versions [0,]

0.0
critical

Snyk CVSS

    Attack Complexity Low
    Confidentiality High
    Integrity High
    Availability High

    Threat Intelligence

    EPSS 0.08% (34th percentile)
Expand this section
NVD
7.8 high

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk ID SNYK-DOTNET-ACCUSOFTIMAGEGEARALL-1245476
  • published 14 Apr 2021
  • disclosed 14 Apr 2021
  • credit Emmanuel Tacheau
Report a new vulnerability Found a mistake?

Introduced: 14 Apr 2021

CVE-2021-21784 Open this link in a new tab
CWE-119 Open this link in a new tab
CWE-787 Open this link in a new tab

How to fix?

There is no fixed version for Accusoft.ImageGear.All.

Overview

Accusoft.ImageGear.All is a library that adds enterprise-class image viewing, compression, image processing and editing functions easily to any application, with support for PDF, more than 100 file formats and expanded functionality such as optical character recognition (OCR), barcode recognition, and support for medical DICOM images.

Affected versions of this package are vulnerable to Out-of-bounds Write via the JPG format SOF marker processing. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.