Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image
Vulnerability Description
A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding Pixarlog codec images with the PIXARLOGDATAFMT_8BITABGR output format and a specific stride value, leading to a heap-based buffer overflow. This could potentially result in arbitrary code execution or a denial of service (DoS).
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
LibTIFF 缓冲区错误漏洞
Vulnerability Description
LibTIFF是LibTIFF组织开源的一个读写TIFF(标签图像文件格式)文件的库。该库包含一些处理TIFF文件的命令行工具。 LibTIFF存在缓冲区错误漏洞,该漏洞源于解码特定输出格式和步幅值的Pixarlog编码图像时存在堆缓冲区溢出,可能导致远程攻击者通过特制的PixarLog压缩TIFF图像执行任意代码或造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A