First published: Wed Jul 01 2020(Updated: )
An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Leadtools Leadtools | =20.0.0.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Leadtools vulnerability is CVE-2020-6089.
The severity of CVE-2020-6089 is high with a severity value of 7.8.
The Leadtools version 20.0.0.0.0 is affected by CVE-2020-6089.
The impact of CVE-2020-6089 is remote code execution.
There is no available fix for CVE-2020-6089 at the moment. It is recommended to apply any patches or updates provided by the vendor.