Lucene search

K
cvelistRedhatCVELIST:CVE-2020-35523
HistoryMar 09, 2021 - 7:17 p.m.

CVE-2020-35523

2021-03-0919:17:24
CWE-190
redhat
www.cve.org
2

8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.8%

An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

CNA Affected

[
  {
    "product": "libtiff",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "libtiff 4.2.0"
      }
    ]
  }
]