Lucene search

K

China National Vulnerability DatabaseCNVD-2022-72101

HistorySep 02, 2022 - 12:00 a.m.

Denial of Service vulnerability in the rotateImage function in LibTIFF tiffcrop.c:8621

2022-09-0200:00:00

China National Vulnerability Database

www.cnvd.org.cn

7

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

LibTIFF is a library for reading and writing TIFF (Tagged Image File Format) files. The library contains a number of command-line tools for working with TIFF files.A denial of service vulnerability exists in LibTIFF version 4.4.0rc1, which stems from a failed sysmalloc assertion in rotateImage() in tiffcrop.c:8621. An attacker could exploit this vulnerability to cause a denial of service attack.

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Related for CNVD-2022-72101

ubuntucve1 osv7 veracode1 prion1 cve1 redhatcve1 alpinelinux1 debiancve1 openvas9 nessus20 mageia1 amazon1 rocky2 oraclelinux2 redhat7 almalinux2 ibm3 suse1 altlinux1 cloudfoundry1 ubuntu1 debian1