22 matches found
EUVD-2020-27243
Malware in sbrugna...
EUVD-2019-14705
Malware in sbrugna...
EUVD-2019-14704
Malware in sbrugna...
EUVD-2019-14730
Malware in sbrugna...
CVE-2019-5099
An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...
CVE-2019-5084
An exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing functionality of LEADTOOLS 20. A specially crafted TIF image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a TIF ima...
CVE-2019-5125
An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to trigger this...
CVE-2019-5100
An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this vulnerability...
CVE-2020-6089
An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2020-6089
Leadtools 20 contains an exploitable buffer overflow in the ANI file format parser (lfAniX.DLL). The TALOS analysis details the ANI header parsing (ANIH) and RATE header handling: a buffer is allocated based on the RATE.display_rate, then populated with 4 * anih_header.width bytes. If a crafted R...
CVE-2019-5099
An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...
CVE-2019-5125
An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to trigger this...
CVE-2019-5100
An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this vulnerability...
Integer overflow
An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...
CVE-2019-5100
Summary: CVE-2019-5100 affects LEADTOOLS 20, specifically the BMP header parsing in the LEAD_Load path (lfBmpX.DLL). The root cause is an integer overflow when deriving the to-be-copied buffer size from the BMP biWidth and biSize fields, which can overflow the allocated memory and cause an out-of...
CVE-2019-5100
An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this vulnerability...
CVE-2019-5125
An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to trigger this...
CVE-2019-5125
The CVE-2019-5125 issue affects LEADTOOLS 20 JPEG2000 parsing (j2pc). A specially crafted J2K image can trigger a heap out-of-bounds write in the image allocation/processing path, potentially enabling code execution. Public vulnerability coverage (Talos advisory TALOS-2019-0916) confirms the impa...
CVE-2019-5099
The CVE-2019-5099 issue affects LEADTOOLS 20, specifically the CMP-parsing code. A vulnerability in the CMP data handling can underflow the parsed size when the current data size field is set to 1, leading to a heap buffer overflow during a memmove and potentially enabling code execution. TALOS d...
CVE-2019-5099
An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...