tif_dirread.c in LibTIFF 4.0.7 might allow remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted image.
Debian Bug report logs - #860003
tiff: CVE-2017-7595
Package: src:tiff;
Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 10 Apr 2017 06:45:02 UTC
Severity: important
Tags: security, upstream
Found in version tiff/4.0.7-5
Fixed in v ...
tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image ...
A security issue has been found in libtiff before 4.0.8, where a crafted TIFF file can trigger a division by zero in TIFFReadDirEntryCheckedRational() or TIFFReadDirEntryCheckedSrational(), leading to denial of service ...