CVE-2012-1173
EPSS 6.8%tiff - integer overflow
發布日:2012/6/4修改日:2026/4/28
描述
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow.
受影響套件(2)
- Debian/tifffrom 0, < 4.0.1-2
- Debian/tifffrom 0, < 3.9.4-5+squeeze4