Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.
Cisco Talos recently discovered four code execution vulnerabilities in Accusoft ImageGear. The ImageGear library is a document-imaging developer toolkit to assist users with image conversion,
creation, editing and more. There are vulnerabilities in certain functions of ImageGear that could allow an attacker to execute code on the victim machine.
In accordance with our coordinated disclosure policy, Cisco Talos worked with Accusoft to ensure that these issues are resolved and that an update is available for affected customers.
Vulnerability details
Accusoft ImageGear PNG store_data_buffer size computation code execution vulnerability (TALOS-2020-0998/CVE-2020-6075)
An exploitable out-of-bounds write vulnerability exists in the `store_data_buffer` function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. A specially crafted PNG file can cause an out-of-bounds write, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.
Read the complete vulnerability advisory here for additional information.
Accusoft ImageGear ICO ico_read buffer size computation code execution vulnerability (TALOS-2020-0999/CVE-2020-6076)
An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll ICO icoread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted ICO file can cause an out-of-bounds write, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. Read the complete vulnerability advisory here for additional information.
Accusoft ImageGear ICO ico_read buffer size computation code execution vulnerability (TALOS-2020-1004/CVE-2020-6082)
An exploitable out-of-bounds write vulnerability exists in the `ico_read` function of the igcore19d.dll library of Accusoft ImageGear 19.6.0. A specially crafted ICO file can cause an out-of-bounds write, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. Read the complete vulnerability advisory here for additional information.
Accusoft ImageGear TIFF fill_in_raster buffer copy operation code execution vulnerability(TALOS-2020-1017/CVE-2020-6094)
An exploitable code execution vulnerability exists in the TIFF fill_in_raster function of the igcore19d.dll library of Accusoft ImageGear 19.4, 19.5 and 19.6. A specially crafted TIFF file can cause an out-of-bounds write, resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability. Read the complete vulnerability advisory here for additional information.
Versions tested Talos tested and confirmed that TALOS-2020-0998 and TALOS-2020-0999 affect only Accusoft ImageGear, version 19.5.0. TALOS-2020-1004 and TALOS-2020-1017 affect that version, as well as versions 19.4.0 and 19.6.0.
Coverage The following SNORTⓇ rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.
Snort Rules: 45019, 45020, 53006 - 53008, 53065, 53066, 53252 - 53255