A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.
References
Link | Resource |
---|---|
https://gitlab.com/libtiff/libtiff/-/issues/433 | Exploit Issue Tracking Patch Third Party Advisory |
https://gitlab.com/libtiff/libtiff/-/issues/486 | Exploit Issue Tracking Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FC6LWPAEKYJ57LSHX4SBFMLRMLOZTHIJ/ | |
https://security.netapp.com/advisory/ntap-20220930-0002/ | Third Party Advisory |
https://www.debian.org/security/2023/dsa-5333 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-07-29T00:00:00
Updated: 2023-01-30T00:00:00
Reserved: 2022-06-26T00:00:00
Link: CVE-2022-34526
JSON object: View
NVD Information
Status : Modified
Published: 2022-07-29T23:15:08.113
Modified: 2023-11-07T03:48:43.750
Link: CVE-2022-34526
JSON object: View
Redhat Information
No data.
CWE