Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 04:33
Type | Values Removed | Values Added |
---|---|---|
Summary | Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow. | |
References |
|
02 Feb 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2012-2088 libtiff: Type conversion flaw leading to heap-buffer overflow | |
References |
|
Information
Published : 2012-07-22 17:55
Updated : 2023-12-10 11:16
NVD link : CVE-2012-2088
Mitre link : CVE-2012-2088
CVE.ORG link : CVE-2012-2088
JSON object : View
Products Affected
libtiff
- libtiff
CWE
CWE-189
Numeric Errors