5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
10.5%
libtiff.so is vulnerable to heap-buffer-overflow. The vulnerability is due to in extractImageSection
function in tiffcrop.c
allows attackers to cause a Denial of Service via a crafted tiff file.
CPE | Name | Operator | Version |
---|---|---|---|
libtiff.so | le | 6.0.2 | |
libtiff.so | le | 6.0.2 |