exploitDog

GHSA-9h69-jrqq-936c

Опубликовано: 25 сент. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

A use-after-free vulnerability exists in the tif_parse_sub_IFD functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. An attacker can deliver file to trigger this vulnerability.

A use-after-free vulnerability exists in the tif_parse_sub_IFD functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. An attacker can deliver file to trigger this vulnerability.

Ссылки

EPSS

Процентиль: 53%

0.00299

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-416

Связанные уязвимости

CVE-2023-39453

CVSS3: 9.8

nvd

больше 2 лет назад

A use-after-free vulnerability exists in the tif_parse_sub_IFD functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to arbitrary code execution. An attacker can deliver this file to trigger this vulnerability.

EPSS

Процентиль: 53%

0.00299

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-416