Heap-Based Buffer Overflow in Accusoft ImageGear 19.10 JPEG-JFIF Lossless Huffman Image Parser

Heap-Based Buffer Overflow in Accusoft ImageGear 19.10 JPEG-JFIF Lossless Huffman Image Parser

CVE-2021-21947 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer overflow takes place when the `SOF3` precision is greater or equal than 9.

Learn more about our Web Application Penetration Testing UK.