Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-41175

Опубликовано: 05 окт. 2023
Источник: nvd
CVSS3: 6.5
EPSS Низкий

Описание

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*
Версия до 4.6.0 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 49%
0.00261
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-190
CWE-190

Связанные уязвимости

ubuntu логотип

CVE-2023-41175

CVSS3: 6.5
ubuntu
больше 1 года назад

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

redhat логотип

CVE-2023-41175

CVSS3: 6.5
redhat
почти 2 года назад

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

debian логотип

CVE-2023-41175

CVSS3: 6.5
debian
больше 1 года назад

A vulnerability was found in libtiff due to multiple potential integer ...

github логотип

GHSA-hjwh-g78g-5xvp

CVSS3: 6.5
github
больше 1 года назад

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

fstec логотип

BDU:2023-07663

CVSS3: 6.5
fstec
почти 2 года назад

Уязвимость компонента raw2tiff.c библиотеки LibTIFF, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 49%
0.00261
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-190
CWE-190