Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-41175

Опубликовано: 05 окт. 2023
Источник: debian
EPSS Низкий

Описание

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
tifffixed4.5.1+git230720-1package

Примечания

  • https://gitlab.com/libtiff/libtiff/-/issues/592

  • https://gitlab.com/libtiff/libtiff/-/commit/6e2dac5f904496d127c92ddc4e56eccfca25c2ee

  • https://bugzilla.redhat.com/show_bug.cgi?id=2235264

EPSS

Процентиль: 49%
0.00261
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2023-41175

CVSS3: 6.5
ubuntu
больше 1 года назад

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

redhat логотип

CVE-2023-41175

CVSS3: 6.5
redhat
почти 2 года назад

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

nvd логотип

CVE-2023-41175

CVSS3: 6.5
nvd
больше 1 года назад

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

github логотип

GHSA-hjwh-g78g-5xvp

CVSS3: 6.5
github
больше 1 года назад

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

fstec логотип

BDU:2023-07663

CVSS3: 6.5
fstec
почти 2 года назад

Уязвимость компонента raw2tiff.c библиотеки LibTIFF, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 49%
0.00261
Низкий