AI Score: 8.5 High (Confidence: High)

CVSS2: 6.8 Medium
- Access Vector: NETWORK
- Access Complexity: MEDIUM
- Authentication: NONE
- Confidentiality Impact: PARTIAL
- Integrity Impact: PARTIAL
- Availability Impact: PARTIAL
- Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS: 0.035 Low (Percentile: 91.3%)

Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted height and width values in a GIF image.

CPE

Name | Operator | Version
---|---|---
debian_linux | eq | 6.0
debian_linux | eq | 7.0
libtiff | le | 4.0.3
libtiff | eq | 3.4 beta29
libtiff | eq | 3.4 beta34
libtiff | eq | 3.4 beta32
libtiff | eq | 3.4 beta31
libtiff | eq | 3.4 beta36
libtiff | eq | 3.4 beta24
libtiff | eq | 3.4