Описание
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | libtiff | Out of support scope | ||
| Red Hat Enterprise Linux 7 | compact-libtiff | Out of support scope | ||
| Red Hat Enterprise Linux 7 | libtiff | Out of support scope | ||
| Red Hat Enterprise Linux 8 | compat-libtiff3 | Will not fix | ||
| Red Hat Enterprise Linux 8 | libtiff | Will not fix | ||
| Red Hat Enterprise Linux 8 | mingw-libtiff | Will not fix | ||
| Red Hat Enterprise Linux 9 | libtiff | Fixed | RHSA-2024:2289 | 30.04.2024 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
LibTIFF is vulnerable to an integer overflow. This flaw allows remote ...
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
EPSS
6.5 Medium
CVSS3