CVE-2019-5093

An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this vulnerability...

CVE-2019-5091

An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this vulnerability...

Integer overflow

An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this vulnerability...

Information disclosure

An exploitable information disclosure vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an out-of-bounds read, resulting in information disclosure. An attacker can send a packet to trigger this...

CVE-2019-5091

The CVE-2019-5091 issue affects LEADTOOLS libltdic.so (LEADTOOLS 20.0.2019.3.15). In DICOM packet parsing, LDicomAssociate::SetBinary can enter an infinite loop when processing Presentation Context data (bytes not equal to 0x30 or 0x40), enabling a denial-of-service via a specially crafted networ...

CVE-2019-5085

LEADTOOLS libltdic.so (DICOM parsing) version 20.0.2019.3.15 is affected by an exploit that causes an integer overflow during heap-allocated buffer growth, leading to heap corruption and potential code execution. The issue arises when parsing incoming DICOM packets in the network listener (LDicom...

CVE-2019-5093

LEADTOOLS libltdic.so 20.0.2019.3.15 is affected by CVE-2019-5093 in the DICOM network response path. A crafted packet can set the LDicomAssociate::m_nMaxLength to an attacker-controlled value, triggering an integer overflow during buffer sizing and resulting in heap corruption. The flaw is exerc...

CVE-2019-5093

An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this vulnerability...

CVE-2019-5090

CVE-2019-5090 affects LEADTOOLS libltdic.so 20.0.2019.3.15 in the DICOM packet-parsing path. A crafted DICOM network packet can trigger an out-of-bounds read in LDicomFile::Write, leading to information disclosure. Talos advisories (e.g., TALOS-2019-0882) describe the vulnerability details and co...

LEADTOOLS libltdic.so DICOM LDicomNet::SendData Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this...

LEADTOOLS libltdic.so LDicomAssociate::SetBinary denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this vulnerability. Tested...

LEADTOOLS libltdic.so DICOM LDicomNet::receive information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an out-of-bounds read, resulting in information disclosure. An attacker can send a packet to trigger...

LEADTOOLS libltdic.so DICOM receive code execution vulnerability

Summary An exploitable code execution vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this vulnerabilit...