Описание
Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 3.9.5-2ubuntu2 |
| hardy | released | 3.8.2-7ubuntu3.12 |
| lucid | released | 3.9.2-2ubuntu0.9 |
| natty | released | 3.9.4-5ubuntu6.2 |
| oneiric | released | 3.9.5-1ubuntu1.2 |
| precise | released | 3.9.5-2ubuntu1.1 |
| upstream | needs-triage |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow.
Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow.
Integer signedness error in the TIFFReadDirectory function in tif_dirr ...
Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow.
EPSS
7.5 High
CVSS2