Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-72099
HistorySep 02, 2022 - 12:00 a.m.

LibTIFF Resource Management Error Vulnerability (CNVD-2022-72099)

2022-09-0200:00:00
China National Vulnerability Database
www.cnvd.org.cn
6

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

LibTIFF is a library for reading and writing TIFF (Tagged Image File Format) files. The library contains a number of command-line tools for working with TIFF files.A security vulnerability exists in LibTIFF version 4.4.0rc1, which stems from a double-release or corruption found in rotateImage() in tiffcrop.c:8839. An attacker could exploit this vulnerability to cause a denial of service attack.

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Related for CNVD-2022-72099