The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and previous versions does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libtiff libtiff 3.4 |
||
libtiff libtiff 3.7.0 |
||
libtiff libtiff 4.0 |
||
libtiff libtiff 3.6.0 |
||
libtiff libtiff 3.6.1 |
||
libtiff libtiff 3.8.0 |
||
libtiff libtiff 3.7.3 |
||
libtiff libtiff 3.8.1 |
||
libtiff libtiff 3.9.3 |
||
libtiff libtiff 3.5.7 |
||
libtiff libtiff 3.8.2 |
||
libtiff libtiff 3.7.2 |
||
libtiff libtiff 3.9.2-5.2.1 |
||
libtiff libtiff 3.5.3 |
||
libtiff libtiff 3.7.1 |
||
libtiff libtiff 3.5.4 |
||
libtiff libtiff 3.5.2 |
||
libtiff libtiff 4.0.1 |
||
libtiff libtiff |
||
libtiff libtiff 3.9.2 |
||
libtiff libtiff 3.7.4 |
||
libtiff libtiff 3.9.4 |
||
libtiff libtiff 3.5.5 |
||
libtiff libtiff 3.9.0 |
||
libtiff libtiff 3.5.6 |
||
libtiff libtiff 3.5.1 |
||
libtiff libtiff 3.9.1 |
||
libtiff libtiff 3.9 |