First published: Tue Apr 25 2006(Updated: )
Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions."
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Libtiff Libtiff | =3.6.1 | |
Libtiff Libtiff | =3.4 | |
Libtiff Libtiff | =3.5.7 | |
Libtiff Libtiff | =3.7.0 | |
Libtiff Libtiff | =3.6.0 | |
Libtiff Libtiff | =3.5.3 | |
Libtiff Libtiff | =3.7.1 | |
Libtiff Libtiff | =3.5.4 | |
Libtiff Libtiff | =3.5.2 | |
Libtiff Libtiff | =3.5.5 | |
Libtiff Libtiff | <=3.8.0 | |
Libtiff Libtiff | =3.5.1 | |
Libtiff Libtiff | =3.5.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.