CVE-2019-5091

Published: Dec 12, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this vulnerability.

Affected (1)

Products: Leadtools: Leadtools

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Leadtools Leadtools	Version 20.0.2019.3.15

Related CWEs

Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

References (2)

https://talosintelligence.com/vulnerability_reports/TALOS-2019-0883

Source: talos-cna@cisco.com

Third Party Advisory

https://talosintelligence.com/vulnerability_reports/TALOS-2019-0883

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.