Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:36850
HistoryAug 30, 2022 - 8:10 a.m.

Denial Of Service (DoS)

2022-08-3008:10:21
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19
denial of service
vulnerability
tiffcrop.c
software crash
crafted tiff file

EPSS

0.001

Percentile

31.7%

libtiff.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to a heap buffer overflow in extractImageSection in process_command_opts function of tiffcrop.c which allows an attacker to cause an application crash via a crafted tiff file.