6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.015 Low
EPSS
Percentile
86.8%
Kevin Finisterre reports:
Multiple integer overflows in the handling of TIFF files may
result in a heap buffer overflow. Opening a maliciously crafted
TIFF file may lead to an unexpected application termination or
arbitrary code execution. The issues are addressed through
improved bounds checking. Credit to Kevin Finisterre of
digitalmunition.com for reporting these issues.