CVE-2013-4231 in LibTIFFinfo

Summary

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.

Reservation

06/12/2013

Disclosure

01/19/2014

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
9951LibTIFF Raster File Count gif2tiff.c memory corruption119Not definedUnavailableCVE-2013-4231
9950LibTIFF TIFF File Name rgb2ycbcr.c memory corruption119Not definedOfficial fixCVE-2013-4231
9948LibTIFF GIF File Extension Block gif2tiff.c memory corruption119Not definedOfficial fixCVE-2013-4231
9947LibTIFF GIF Raster File Datasize gif2tiff.c memory corruption119Not definedOfficial fixCVE-2013-4231

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!