Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-0799HistoryFeb 13, 2023 - 11:15 p.m.
CVE-2023-0799
2023-02-1323:15:12
Debian Security Bug Tracker
security-tracker.debian.org
15
cve-2023-0799
tiffcrop vulnerability
denial-of-service
libtiff 4.4.0
CVSS3
6.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
EPSS
0.001
Percentile
31.6%
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | tiff | < 4.5.0-5 | tiff_4.5.0-5_all.deb |
| Debian | 11 | all | tiff | < 4.2.0-1+deb11u4 | tiff_4.2.0-1+deb11u4_all.deb |
| Debian | 999 | all | tiff | < 4.5.0-5 | tiff_4.5.0-5_all.deb |
| Debian | 13 | all | tiff | < 4.5.0-5 | tiff_4.5.0-5_all.deb |
Related
cbl_mariner
cbl_mariner
CVE-2023-0799 affecting package libtiff for versions less than 4.4.0-8
2023-03-09 00:24:42
CVE-2023-0799 affecting package libtiff 4.5.0-1
2023-03-09 19:51:01
ubuntucve
ubuntucve
CVE-2023-0799
2023-02-13 00:00:00
cnvd
cnvd
LibTIFF tiffcrop.c:3701 buffer overflow vulnerability
2023-02-15 00:00:00
cvelist
cvelist
CVE-2023-0799
2023-02-13 00:00:00
redhatcve
redhatcve
CVE-2023-0799
2023-02-15 19:59:15
nessus
nessus
CBL Mariner 2.0 Security Update: libtiff (CVE-2023-0799)
2023-03-20 00:00:00
Amazon Linux 2 : libtiff (ALAS-2023-2236)
2023-09-08 00:00:00
alpinelinux
alpinelinux
CVE-2023-0799
2023-02-13 23:15:12
prion
prion
Out-of-bounds
2023-02-13 23:15:00
veracode
veracode
Denial Of Service (DoS)
2023-02-20 03:01:19
nvd
nvd
CVE-2023-0799
2023-02-13 23:15:12
cve
cve
CVE-2023-0799
2023-02-13 23:15:12
osv
osv
CVE-2023-0799
2023-02-13 23:15:12
tiff - security update
2023-02-21 00:00:00
tiff vulnerabilities
2023-03-06 17:07:54
amazon
amazon
Medium: libtiff
2023-08-31 22:29:00
Medium: libtiff
2023-08-31 22:29:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:2321-1)
2023-05-31 00:00:00
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2023-2477)
2023-07-31 00:00:00
Debian: Security Advisory (DSA-5361-1)
2023-02-28 00:00:00
ubuntu
ubuntu
LibTIFF vulnerabilities
2023-03-06 00:00:00
debian
debian
[SECURITY] [DSA 5361-1] tiff security update
2023-02-24 08:12:14
[SECURITY] [DLA 3333-1] tiff security update
2023-02-21 22:59:14
mageia
mageia
Updated libtiff packages fix security vulnerability
2023-03-02 00:14:31
cloudfoundry
cloudfoundry
USN-5923-1: LibTIFF vulnerabilities | Cloud Foundry
2023-03-23 00:00:00
oraclelinux
oraclelinux
libtiff security update
2023-06-21 00:00:00
rocky
rocky
libtiff security update
2023-08-31 16:55:40
redhat
redhat
(RHSA-2023:3711) Moderate: libtiff security update
2023-06-21 13:52:06
gentoo
gentoo
LibTIFF: Multiple Vulnerabilities
2023-05-30 00:00:00
almalinux
almalinux
Moderate: libtiff security update
2023-06-21 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0605
2023-06-28 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0018
2023-06-06 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0417
2023-06-30 00:00:00
CVSS3
6.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
EPSS
0.001
Percentile
31.6%
Related for DEBIANCVE:CVE-2023-0799