CVE-2022-48281

Опубликовано: 23 янв. 2023

Источник: redhat

CVSS3: 5.5

Описание

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

A vulnerability was found in libtiff. This vulnerability occurs due to an issue in processCropSelections in the tools/tiffcrop.c function in LibTIFF that has a heap-based buffer overflow (for example, "WRITE of size 307203") via a crafted TIFF image.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libtiff	Out of support scope
Red Hat Enterprise Linux 7	compat-libtiff3	Out of support scope
Red Hat Enterprise Linux 7	libtiff	Will not fix
Red Hat Enterprise Linux 8	compat-libtiff3	Will not fix
Red Hat Enterprise Linux 8	libtiff	Fixed	RHSA-2023:3827	27.06.2023
Red Hat Enterprise Linux 9	libtiff	Fixed	RHSA-2023:3711	21.06.2023

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=2163606libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-48281

CVSS3: 5.5

ubuntu

больше 2 лет назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.

CVE-2022-48281

CVSS3: 5.5

nvd

больше 2 лет назад

processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image.