Wednesday, November 6, 2019

Vulnerability Spotlight: Code execution vulnerabilities in LEADTOOLS


Marcin Towalski and Cory Duplantis of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.

Cisco Talos recently discovered multiple vulnerabilities in the LEADTOOLS line of imaging toolkits. LEADTOOLS is a collection of toolkits designed to perform a variety of functions aimed at integrating documents, multimedia and imaging technologies into applications. All of the software is produced by LEAD Technologies Inc. LEADTOOLS offers prebuilt and portable libraries with an SDK for most platforms (Windows, Linux, Android, etc.), that are all geared toward building
applications for medical systems. Various pieces of LEADTOOLS contain vulnerabilities that could be exploited by malicious actors to carry out a number of actions, including denial-of-service conditions and the execution of code remotely.

In accordance with our coordinated disclosure policy, Cisco Talos worked with LEAD Technologies to ensure that these issues are resolved and that an update is available for affected customers.

Vulnerability details

LEADTOOLS TIF ImageWidth code execution vulnerability (TALOS-2019-0876/CVE-2019-5084)

An exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing functionality of LEADTOOLS 20. A specially crafted TIF image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a TIF image to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.

LEADTOOLS CMP-parsing code execution vulnerability (TALOS-2019-0891/CVE-2019-5099)

An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability. 

Read the complete vulnerability advisory here for additional information.

LEADTOOLS BMP parsing remote code execution vulnerability (TALOS-2019-0892/CVE-2019-5125)

An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this vulnerability.

Read the complete vulnerability advisory here for additional information.

LEADTOOLS JPEG2000 j2pc parsing code execution vulnerability (TALOS-2019-0916/CVE-2019-5125)

An exploitable heap overflow vulnerability exists in the JPEG2000-parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out-of-bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to trigger this vulnerability.. 

Read the complete vulnerability advisory here for additional information.

Versions tested

Talos tested and confirmed that version 20.0.2019.3.15 of LEADTOOLS is affected by these vulnerabilities.

Coverage

The following SNORTⓇ rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.

Snort Rules: 50824 - 50827, 51930-51938, 51447, 51448

No comments:

Post a Comment