Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.

Cisco Talos recently discovered multiple out-of-bounds write vulnerabilities in Accusoft ImageGear that an adversary could exploit to corrupt memory on the targeted machine. The ImageGear library is a document-imaging developer toolkit that offers image conversion, creation, editing, annotation and more. It supports more than 100 formats such as DICOM, PDF and Microsoft Office. A user could trigger these vulnerabilities by opening an attacker-created, malicious file.

In accordance with our coordinated disclosure policy, Cisco Talos worked with Accusoft to ensure that these issues are resolved and an update is available for affected customers.

Vulnerability details

Accusoft ImageGear TIFF Header count processing out-of-bounds write vulnerability (TALOS-2021-1227/CVE-2021-21773)

An out-of-bounds write vulnerability exists in the TIFF header count-processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.

Accusoft ImageGear SGI Format Buffer Size Processing out-of-bounds write vulnerability (TALOS-2021-1232/CVE-2021-21776)

An out-of-bounds write vulnerability exists in the SGI Format Buffer Size Processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.

Accusoft ImageGear SGI format buffer size processing out-of-bounds write vulnerability (TALOS-2021-1244/CVE-2021-21782)

An out-of-bounds write vulnerability exists in the SGI format buffer size processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.

Versions tested

Talos tested and confirmed that these vulnerabilities affect Accusoft ImageGear, version 19.8.

Coverage

The following SNORTⓇ rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.

Snort Rules: 57011 - 57018, 57052, 57053, 57124, 57125