A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local malicious user to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libtiff libtiff |
||
redhat enterprise linux 9.0 |
||
fedoraproject fedora 38 |