PT-2019-17479 · Lead Technologies · Leadtools
Published: 2019-11-06 · Updated: 2022-06-21 · CVE-2019-5099
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
LEADTOOLS version 20
Description
An integer underflow vulnerability exists in the CMP-parsing functionality. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can trigger this issue by supplying such a CMP image.
Recommendations
For LEADTOOLS version 20, consider avoiding the use of CMP image files until a patch or fix is available. As a temporary workaround, restrict the processing of CMP images to minimize the risk of exploitation.
Exploit
Fix
Integer Underflow
Weakness Enumeration
Related Identifiers
Affected Products
Leadtools