Lucene search

K

China National Vulnerability DatabaseCNVD-2022-72093

HistoryOct 25, 2022 - 12:00 a.m.

LibTIFF Buffer Overflow Vulnerability (CNVD-2022-72093)

2022-10-2500:00:00

China National Vulnerability Database

www.cnvd.org.cn

8

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

LibTIFF is a library for reading and writing TIFF (Tagged Image File Format) files. The library contains a number of command-line tools for processing TIFF files. version 4.4.0 of LibTIFF is vulnerable to a buffer overflow vulnerability that stems from an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing an attacker to cause a denial of service via a forged tiff file. No detailed vulnerability details are currently available.

CPENameOperatorVersion
libtiff libtiffle4.4.0

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Related for CNVD-2022-72093

redhatcve1 prion1 ubuntucve4 veracode1 debiancve1 alpinelinux1 cve1 cbl_mariner2 osv5 mageia1 photon4 nessus26 oraclelinux1 almalinux1 redhat1 ibm1 cloudfoundry1 altlinux1 ubuntu1 debian2