First published: Wed Nov 06 2019(Updated: )
An exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing functionality of LEADTOOLS 20. A specially crafted TIF image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a TIF image to trigger this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Leadtools Leadtools | =20.0.2019.3.15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this heap out-of-bounds write vulnerability in LEADTOOLS 20 is CVE-2019-5084.
The severity of CVE-2019-5084 is high with a score of 7.8.
Version 20.0.2019.3.15 of LEADTOOLS is affected by CVE-2019-5084.
An attacker can exploit this vulnerability by creating a specially crafted TIF image.
There is no information available about a fix for CVE-2019-5084. It is recommended to follow the guidance provided by the vendor.