LibTIFF is a library for reading and writing TIFF (Tagged Image File Format) files. The library contains a number of command-line tools for processing TIFF files. libTIFF suffers from a security vulnerability that stems from the lack of proper validation of user-supplied data by extractImageSection in its tools/tiffcrop.c:6905, where specially crafted data could trigger a read beyond the end of the allocated buffer. An attacker could exploit this vulnerability to cause a denial of service via a crafted tiff file.
CPE | Name | Operator | Version |
---|---|---|---|
libtiff libtiff | le | 4.4.0 |