Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be passed as an argument to the memset() function within TIFFFetchStripThing() in tif_dirread.c. This will cause TIFFFetchStripThing() to segfault after use of an uninitialized resource.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Vulnerability Type
N/A
Vulnerability Title
Silicon Graphics LibTIFF 安全漏洞
Vulnerability Description
Silicon Graphics LibTIFF是美国Silicon Graphics公司的一个读写TIFF(标签图像文件格式)文件的库。该库包含一些处理TIFF文件的命令行工具。 Silicon Graphics LibTIFF 存在安全漏洞,该漏洞源于处理恶意 TIFF 文件时,可能会将无效范围作为参数传递给 TIFFFetchStripThing() 中的 memset() 函数tif_dirread.c. 这将导致 TIFFFetchStripThing() 出现段错误,攻击者利用该漏洞可以导致拒
CVSS Information
N/A
Vulnerability Type
N/A