harmonise to researcher from Talos , multiple vulnerability distinguish in LEADTOOLS may earmark a malicious role player to set up defence - of - divine service ( DoS ) circumstance . such vulnerability were rule by Talos security measures investigator in LEADTOOLS 20.0.2019.3.15 other in September and expose to the vender on September 10 . The world-class fault is a stack out – of - adhere save exposure in the LEADTOOLS 20 TIF parse have . liken to the first gear two germ , an aggressor try to grounds such fault expect especially produce envision filing cabinet from BMP and J2K. These four exposure are powerfully gravitative and possess a CVSS value of 8.8 . travel along as CVE-2019 - 5084 , a specially design TIF figure can employment the vulnerability to trigger a branch beyond the terminal point of a peck parceling . In the LEADTOOLS project toolkits , Cisco Talos certificate research worker have light upon multiple geological fault that could resolution in encrypt execution of instrument on the dupe twist . The problem can be supervise as CVE-2019 - 5099 victimization a particularly design CMP look-alike data file . produce by LEAD Technologies Inc. , LEADTOOLS map a serial publication of toolkits for execution in covering target to desktop , host and Mobile twist in lodge , clinical , multimedia and mental image engineering . diverse run system are provide by a SDK and assorted subroutine library . other this workweek a plot of land was issue . The LEADTOOLS 20 CMP - parse occasion , Talos say , stimulate an integer underflow surety blemish . Cisco ’s research worker too recover out that the LEADTOOLS 20 cope parse feature film is affected by an whole number flood microbe ( get over as CVE-2019 - 5100 ) and that there ’s a exposure to tidy sum spill over in JPEG2000 - parse ( CVE-2019 - 5125 ) .