Описание
In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| tiff | fixed | 4.0.10-4 | package | |
| tiff3 | removed | package |
Примечания
http://bugzilla.maptools.org/show_bug.cgi?id=2820
https://gitlab.com/libtiff/libtiff/commit/d0a842c5dbad2609aed43c701a12ed12461d3405
https://gitlab.com/libtiff/libtiff/commit/38ede78b13810ff0fa8e61f86ef9aa0ab2964668
Связанные уязвимости
In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.
In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.
In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.
In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.
Уязвимость функции TIFFWriteDirectorySec программного обеспечения для просмотра, редактирования и конвертирования TIFF-файлов, связанная с ошибками разыменования указателя, позволяющая нарушителю вызвать отказ в обслуживании