libtiff.so is vulnerable to denial of service (DoS). When the attacker can send a malicious input file, td_imagelength is directly derived from the input file length. Moreover, TIFFOpen function does not check td_imagelength
during TIFFOpen process, allowing the attacker to trigger out-of-memory (OOM).
CPE | Name | Operator | Version |
---|---|---|---|
libtiff.so | le | 3.9.7 | |
libtiff | le | 4.0.6.2 |