LEADTOOLS 20 Integer Overflow or Wraparound Vulnerability

Summary

An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. 

Credit:

The information has been provided by Cory Duplantis

The original article can be found at:https://talosintelligence.com/vulnerability_reports/TALOS-2019-0892


Details

A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this vulnerability.

 

Vulnerable Systems:

LEADTOOLS 20

 

CVE Information:

CVE-2019-5100

 

Disclosure Timeline:
Published Date:11/6/2019