PT-2019-17480 · Lead Technologies · Leadtools
Cory Duplantis
·
Published
2019-11-06
·
Updated
2022-06-21
·
CVE-2019-5100
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
LEADTOOLS version 20
Description
An integer overflow vulnerability exists in the BMP header parsing functionality. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this issue.
Recommendations
For LEADTOOLS version 20, update to a version that includes a fix for the integer overflow vulnerability in the BMP header parsing functionality.
Exploit
Fix
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Leadtools