LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2024:2289 | |
https://access.redhat.com/security/cve/CVE-2023-40745 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2235265 | Issue Tracking Third Party Advisory |
https://security.netapp.com/advisory/ntap-20231110-0005/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2023-10-05T18:55:26.192Z
Updated: 2024-05-01T20:21:02.220Z
Reserved: 2023-08-25T09:21:36.657Z
Link: CVE-2023-40745
JSON object: View
NVD Information
Status : Modified
Published: 2023-10-05T19:15:11.260
Modified: 2024-04-30T15:15:50.610
Link: CVE-2023-40745
JSON object: View
Redhat Information
No data.
CWE