Lucene search

K

China National Vulnerability DatabaseCNVD-2022-72092

HistoryOct 25, 2022 - 12:00 a.m.

LibTIFF Buffer Overflow Vulnerability (CNVD-2022-72092)

2022-10-2500:00:00

China National Vulnerability Database

www.cnvd.org.cn

9

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

LibTIFF is a library for reading and writing TIFF (Tagged Image File Format) files. The library contains a number of command line tools for processing TIFF files.LibTIFF suffers from a buffer overflow vulnerability that originates in _TIFFmemset in libtiff/tif_unix.c:340 and exists when called from processCropSelections, tools/tiffcrop.c:7619 out-of-bounds writes, allowing an attacker to cause a denial of service via a forged tiff file. No detailed vulnerability details are currently available.

CPENameOperatorVersion
libtiff libtiffle4.4.0

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Related for CNVD-2022-72092

cbl_mariner2 prion1 ubuntucve1 veracode1 osv5 alpinelinux1 debiancve1 cve1 redhatcve1 mageia1 openvas23 nessus26 photon4 amazon1 oraclelinux1 almalinux1 redhat1 cloudfoundry1 altlinux1 ubuntu1 debian1