CVE-2020-6151

Published: Sep 1, 2020Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

A memory corruption vulnerability exists in the TIFF handle_COMPRESSION_PACKBITS functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause a memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

Affected (1)

Products: Accusoft: Imagegear

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Accusoft Imagegear	Version 19.7.0

Related CWEs

Incorrect Type Conversion or Cast

The product does not correctly convert an object, resource, or structure from one type to a different type.

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1095

Source: talos-cna@cisco.com

Third Party Advisory

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1095

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.