Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow.
References
Configurations
History
13 Feb 2023, 00:23
Type | Values Removed | Values Added |
---|---|---|
Summary | Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow. | |
References |
|
02 Feb 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | CVE-2012-1173 libtiff: Heap-buffer overflow due to TileSize calculation when parsing tiff files |
Information
Published : 2012-06-04 20:55
Updated : 2023-12-10 11:16
NVD link : CVE-2012-1173
Mitre link : CVE-2012-1173
CVE.ORG link : CVE-2012-1173
JSON object : View
Products Affected
libtiff
- libtiff
CWE
CWE-189
Numeric Errors