In LibTIFF before 4.0.10, a heap-based buffer overflow (out-of-bounds write) occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by the tiff2ps tool.
In LibTIFF before 4.0.10, a heap-based buffer overflow (out-of-bounds write) occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by the tiff2ps tool.
http://bugzilla.maptools.org/show_bug.cgi?id=2780 https://gitlab.com/libtiff/libtiff/commit/58a898cb4459055bb488ca815c23b880c242a27d