PT-2019-17480 · Lead Technologies · Leadtools
Cory Duplantis
·
Publicado
2019-11-06
·
Atualizado
2022-06-21
·
CVE-2019-5100
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
LEADTOOLS version 20
Description
An integer overflow vulnerability exists in the BMP header parsing functionality. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this issue.
Recommendations
For LEADTOOLS version 20, update to a version that includes a fix for the integer overflow vulnerability in the BMP header parsing functionality.
Exploit
Correção
Integer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Leadtools