An exploitable heap-based buffer overflow exists in the...
High severity
Unreviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated Feb 3, 2023
Description
Published by the National Vulnerability Database
Jan 6, 2017
Published to the GitHub Advisory Database
May 14, 2022
Last updated
Feb 3, 2023
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.
References