Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045.
Max CVSS
6.5
EPSS Score
0.31%
Published
2022-03-10
Updated
2023-02-22
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact
Max CVSS
7.1
EPSS Score
0.63%
Published
2022-03-10
Updated
2023-02-02
Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.
Max CVSS
5.5
EPSS Score
0.17%
Published
2022-03-11
Updated
2022-11-07
Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file.
Max CVSS
7.7
EPSS Score
0.13%
Published
2022-03-11
Updated
2022-11-07
Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa.
Max CVSS
5.5
EPSS Score
0.17%
Published
2022-03-11
Updated
2022-11-07
Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.
Max CVSS
5.5
EPSS Score
0.16%
Published
2022-03-11
Updated
2022-11-16
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!