Heap-based Buffer Overflow in Accusoft ImageGear 19.10 JPEG-JFIF Lossless Huffman Image Parser

Heap-based Buffer Overflow in Accusoft ImageGear 19.10 JPEG-JFIF Lossless Huffman Image Parser

CVE-2021-21946 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer overflow takes place when the `SOF3` precision is lower than 9.

Learn more about our Web Application Penetration Testing UK.