Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-1355

Опубликовано: 12 апр. 2022
Источник: redhat
CVSS3: 6.6
EPSS Низкий

Описание

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6libtiffNot affected
Red Hat Enterprise Linux 7compat-libtiff3Not affected
Red Hat Enterprise Linux 7libtiffOut of support scope
Red Hat Enterprise Linux 8compat-libtiff3Not affected
Red Hat Enterprise Linux 8libtiffFixedRHSA-2022:758508.11.2022
Red Hat Enterprise Linux 9libtiffFixedRHSA-2022:819415.11.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-119->CWE-121
https://bugzilla.redhat.com/show_bug.cgi?id=2074415libtiff: stack-buffer-overflow in tiffcp.c in main()

EPSS

Процентиль: 10%
0.00038
Низкий

6.6 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-1355

CVSS3: 6.1
ubuntu
почти 3 года назад

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.

nvd логотип

CVE-2022-1355

CVSS3: 6.1
nvd
почти 3 года назад

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.

debian логотип

CVE-2022-1355

CVSS3: 6.1
debian
почти 3 года назад

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() ...

github логотип

GHSA-2fqh-vmvf-c822

CVSS3: 6.1
github
почти 3 года назад

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.

fstec логотип

BDU:2023-09082

CVSS3: 6.1
fstec
больше 3 лет назад

Уязвимость функции main() компонента tiffcp.c библиотеки LibTIFF, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании

EPSS

Процентиль: 10%
0.00038
Низкий

6.6 Medium

CVSS3