AccuSoft ImageGear Igcore15d.DLL Malformed CLP File Buffer Overflow Vulnerability

AccuSoft ImageGear Library is prone to a buffer-overflow vulnerability because it fails to bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.

An attacker may exploit this issue by enticing a victim to open a malicious CLP file with an application using the affected library.

Successful exploits can allow attackers to execute arbitrary code in the context of applications using the affected library. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects Corel Paint Shop Pro Photo 11.20 and AccuSoft ImageGear 15.2; other versions may also be affected.

NOTE: This issue was originally reported to affect only Corel Paint Shop Pro. However, further information reveals that the vulnerability lies in the AccuSoft ImageGear Library used by both applications.


 

Privacy Statement
Copyright 2010, SecurityFocus