Vulnerability Spotlight Two vulnerabilities in Accusoft ImageGear could lead to DoS, arbitrary free


ImageGear is a developer toolkit for document imaging that allows users to generate, edit, annotate, and convert various images. It can handle over 100 different file types, including DICOM, PDF, and Microsoft Office.

By overflowing the stack buffer, one vulnerability, TALOS-2022-1465 (CVE-2022-23400), could allow an attacker to induce a denial-of-service scenario inside the programme. This buffer overflow could also result in a one-byte memory leak in a very specific scenario. Read More…