LEADTOOLS 20 Out-of-bounds Write Vulnerability

Summary

An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20.

 

Credit:

The information has been provided by Cory Duplantis.

The original article can be found at: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0916


Details

A specially crafted J2K image file can cause an out-of-bounds write of a heap buffer, potentially resulting in code execution. An attacker can specially craft a J2K image to trigger this vulnerability.

 

Vulnerable Systems:

LEADTOOLS 20

 

CVE Information:

CVE-2019-5125

Disclosure Timeline:
Published Date: 11/6/2019