LEADTOOLS 20 Integer Overflow or Wraparound Vulnerability

Summary

An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. 

 

Credit:

The information has been provided by Cory Duplantis

The original article can be found at:https://talosintelligence.com/vulnerability_reports/TALOS-2019-0891


Details

A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability.

 

Vulnerable Systems:

LEADTOOLS 20

 

CVE Information:

CVE-2019-5099

Disclosure Timeline:
Published Date:11/6/2019