tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to "downsampled OJPEG input."
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 04:20
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to "downsampled OJPEG input." |
02 Feb 2023, 17:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | CVE-2010-2233 libtiff: incorrect type extension for negative toskew values on 64bit platforms |
Information
Published : 2010-07-02 12:43
Updated : 2023-12-10 11:03
NVD link : CVE-2010-2233
Mitre link : CVE-2010-2233
CVE.ORG link : CVE-2010-2233
JSON object : View
Products Affected
libtiff
- libtiff
CWE
CWE-20
Improper Input Validation