CVE-2020-13572

Summary

A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aAccusoftAccusoft ImageGear Accusoft ImageGear 19.8affected

Weaknesses

  • CWE-122: CWE-122 - Heap-based Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References