CVE-2019-5125

Name of the Vulnerable Software and Affected Versions LEADTOOLS version 20

Description A heap overflow issue exists in the JPEG2000 parsing functionality. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to trigger this issue.

Recommendations For LEADTOOLS version 20, consider avoiding the use of the JPEG2000 parsing functionality until a fix is available. As a temporary workaround, restrict the processing of J2K image files to minimize the risk of exploitation.