CVE-2009-5022

EPSS 16.6%

tiff - buffer overflow

Published: 5/3/2011Modified: 4/28/2026

Description

Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.

Affected packages (2)

Debian/tifffrom 0, < 3.9.5-1
Debian/tifffrom 0, < 3.9.4-5+squeeze2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-5022