CVE-2021-21938

Sažetak

A heap-based buffer overflow vulnerability exists in the Palette box parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

Reference

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1367
http://help.accusoft.com/ImageGear/v20.0/Windows/DLL/webframe.html

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

26-06-2023 - 18:00

Objavljeno

14-04-2022 - 20:15