VYPR
Vendor

Leadtools

Products
7
CVEs
17
Across products
19
Status
Private

Products

7

Recent CVEs

17
  • CVE-2019-5093CriDec 12, 2019
    risk 0.64cvss 9.8epss 0.03

    An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this…

  • CVE-2019-5085CriDec 12, 2019
    risk 0.64cvss 9.8epss 0.03

    An exploitable code execution vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this…

  • CVE-2019-5154HigDec 12, 2019
    risk 0.57cvss 8.8epss 0.03

    An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20.0.2019.3.15. A specially crafted J2K image file can cause an out of bounds write of a null byte in a heap buffer, potentially resulting in code execution. An attack can…

  • CVE-2019-5092HigDec 12, 2019
    risk 0.57cvss 8.8epss 0.02

    An exploitable heap out of bounds write vulnerability exists in the UI tag parsing functionality of the DICOM image format of LEADTOOLS 20.0.2019.3.15. A specially crafted DICOM image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting…

  • CVE-2022-21154HigApr 14, 2022
    risk 0.51cvss 7.8epss 0.01

    An integer overflow vulnerability exists in the fltSaveCMP functionality of Leadtools 22. A specially-crafted BMP file can lead to an integer overflow, that in turn causes a buffer overflow. An attacker can provide a malicious BMP file to trigger this vulnerability.

  • CVE-2020-6089HigJul 1, 2020
    risk 0.51cvss 7.8epss 0.03

    An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2019-5125HigNov 6, 2019
    risk 0.51cvss 7.8epss 0.02

    An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to…

  • CVE-2019-5100HigNov 6, 2019
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this…

  • CVE-2019-5099HigNov 6, 2019
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this…

  • CVE-2019-5091HigDec 12, 2019
    risk 0.49cvss 7.5epss 0.02

    An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this…

  • CVE-2019-5090HigDec 12, 2019
    risk 0.49cvss 7.5epss 0.02

    An exploitable information disclosure vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an out-of-bounds read, resulting in information disclosure. An attacker can send a packet…

  • CVE-2007-2946May 31, 2007
    risk 0.04cvss epss 0.09

    Buffer overflow in a certain ActiveX control in LeadTools Raster Dialog File_D Object (LTRDFD14e.DLL) 14.5.0.44 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) or execute arbitrary code via a long DestinationPath property value.

  • CVE-2007-2787May 21, 2007
    risk 0.04cvss epss 0.07

    Stack-based buffer overflow in the BrowseDir function in the (1) lttmb14E.ocx or (2) LTRTM14e.DLL ActiveX control in LeadTools Raster Thumbnail Object Library 14.5.0.44 allows remote attackers to execute arbitrary code via a long argument.

  • CVE-2008-1605Apr 1, 2008
    risk 0.03cvss epss 0.02

    The (1) ltmmCaptureCtrl Class, (2) ltmmConvertCtrl Class, and (3) ltmmPlayCtrl Class ActiveX controls (ltmm15.dll 15.1.0.17 and earlier) in LEADTOOLS Multimedia Toolkit 15 allow attackers to overwrite arbitrary files via the SaveSettingsToFile method.

  • CVE-2007-2980Jun 1, 2007
    risk 0.03cvss epss 0.05

    Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS LEAD Raster ISIS Object (LTRIS14e.DLL) 14.5.0.44 allows remote attackers to cause a denial of service (Internet Explorer crash) or execute arbitrary code via a long DriverName property, a different ActiveX…

  • CVE-2007-2895May 30, 2007
    risk 0.03cvss epss 0.05

    Buffer overflow in a certain ActiveX control in LTRDF14e.DLL 14.5.0.44 in LeadTools Raster Dialog File Object allows remote attackers to execute arbitrary code via a long Directory property value.

  • CVE-2007-2851May 24, 2007
    risk 0.03cvss epss 0.02

    A certain ActiveX control in LeadTools Raster Variant Object Library (LTRVR14e.dll) 14.5.0.44 allows remote attackers to overwrite arbitrary files via the WriteDataToFile method.