Lucene search

K

China National Vulnerability DatabaseCNVD-2022-72100

HistorySep 02, 2022 - 12:00 a.m.

LibTIFF Buffer Overflow Vulnerability (CNVD-2022-72100)

2022-09-0200:00:00

China National Vulnerability Database

www.cnvd.org.cn

12

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

LibTIFF is a library for reading and writing TIFF (Tagged Image File Format) files. The library contains a number of command-line tools for working with TIFF files.A security vulnerability exists in LibTIFF, which stems from a heap buffer overflow flaw found in the TIFFReadRawDataStriped() function of tiffinfo.c. An attacker could exploit this flaw to pass specially crafted TIFF files to the tiffinfo tool, which could trigger a heap buffer overflow issue and cause a denial of service.

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Related for CNVD-2022-72100

ubuntucve1 redhatcve1 osv7 cve1 amazon1 veracode1 nessus20 prion1 alpinelinux1 debiancve1 openvas9 mageia1 oraclelinux2 rocky2 almalinux2 redhat7 ibm3 suse1 altlinux1 cloudfoundry1 ubuntu1 debian1