Heap-based Buffer Overflow

2023-05-1806:26:26

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

libtiff vulnerability application crash buffer overflow

0.001 Low

EPSS

Percentile

23.3%

JSON

libtiff.so is vulnerable to Heap-based Buffer Overflow. The vulnerability exists via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values which allows an attacker to cause a buffer overflow resulting in an application crash.

CPENameOperatorVersion
libtiff.sole5.8.0
compat-libtiff3eq3.9.4__12.el7
compat-libtiff3eq3.9.4__13.el8
compat-libtiff3eq3.9.4__11.el7
libtiffeq3.9.4__1.el6_0.3
libtiffeq4.0.9__13.el8
libtiffeq4.0.9__18.el8
libtiffeq3.9.4__1.el6_0.1
libtiffeq4.0.9__21.el8
libtiffeq3.9.4__1.el6_0.2

Name	Operator	Version
libtiff.so	le	5.8.0
compat-libtiff3	eq	3.9.4__12.el7
compat-libtiff3	eq	3.9.4__13.el8
compat-libtiff3	eq	3.9.4__11.el7
libtiff	eq	3.9.4__1.el6_0.3
libtiff	eq	4.0.9__13.el8
libtiff	eq	4.0.9__18.el8
libtiff	eq	3.9.4__1.el6_0.1
libtiff	eq	4.0.9__21.el8
libtiff	eq	3.9.4__1.el6_0.2