First published: Mon Jan 23 2017(Updated: )
The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or possibly obtain sensitive information via a negative index in a file-content buffer.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/tiff | 4.1.0+git191117-2~deb10u4 4.1.0+git191117-2~deb10u8 4.2.0-1+deb11u4 4.5.0-6 4.5.1+git230720-1 | |
Libtiff Libtiff | <=4.0.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.