Описание
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 4.5.1+git230720-1ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 4.0.3-7ubuntu0.11+esm9 |
| esm-infra/bionic | not-affected | 4.0.9-5ubuntu0.10+esm2 |
| esm-infra/focal | not-affected | 4.1.0+git191117-2ubuntu0.20.04.9 |
| esm-infra/xenial | not-affected | 4.0.6-1ubuntu0.8+esm12 |
| focal | not-affected | 4.1.0+git191117-2ubuntu0.20.04.9 |
| jammy | not-affected | 4.3.0-6ubuntu0.5 |
| lunar | not-affected | 4.5.0-5ubuntu1.1 |
| trusty | ignored | end of standard support |
Показывать по
Ссылки на источники
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
LibTIFF is vulnerable to an integer overflow. This flaw allows remote ...
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
Уязвимость функции readSeparateTilesIntoBuffer() библиотеки LibTIFF, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
6.5 Medium
CVSS3