Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted height and width values in a GIF image.
CPE

Name | Operator | Version |
---|---|---|
debian_linux | eq | 6.0 |
debian_linux | eq | 7.0 |
libtiff | le | 4.0.3 |
libtiff | eq | 3.4 beta29 |
libtiff | eq | 3.4 beta34 |
libtiff | eq | 3.4 beta32 |
libtiff | eq | 3.4 beta31 |
libtiff | eq | 3.4 beta36 |
libtiff | eq | 3.4 beta24 |
libtiff | eq | 3.4 |