CVE-2013-4243

EPSS 18.7%

tiff - security update

Published: 9/10/2013Modified: 4/28/2026

Also known as:DEBIAN-CVE-2013-4243

Description

Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.

Affected packages (3)

Debian/tifffrom 0, < 4.0.3-9
Debian/tifffrom 0, < 3.9.4-5+squeeze11
Debian/tifffrom 0, < 4.0.2-6+deb7u3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-4243