Heap Out-of-Bounds Write Vulnerability in LEADTOOLS 20 TIF Parsing Functionality

Heap Out-of-Bounds Write Vulnerability in LEADTOOLS 20 TIF Parsing Functionality

CVE-2019-5084 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

An exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing functionality of LEADTOOLS 20. A specially crafted TIF image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a TIF image to trigger this vulnerability.

Learn more about our Web Application Penetration Testing UK.