libtiff.so is vulnerable to remote code execution (RCE) attacks. A malicious user can pass a tiff file to the TIFFGetField
function in tif_dir.c
that can lead to a type confusion, crashing the application or potentially causing arbitrary code to be executed.
CPE | Name | Operator | Version |
---|---|---|---|
libtiff.so | le | 5.2.0 | |
libtiff | le | 4.0.6.2 | |
libtiff.so | le | 5.2.0 | |
libtiff | le | 4.0.6.2 |