Use-After-Free in libtiff 4.0.3 Affects Remote Code Execution
CVE-2013-4232

Currently unrated

Key Information:

Vendor

Libtiff

Status
Libtiff
Debian Linux
Vendor
CVE Published:
10 September 2013

What is CVE-2013-4232?

The use-after-free vulnerability found in the t2p_readwrite_pdf_image function within libtiff 4.0.3 allows attackers to exploit crafted TIFF images. This can lead to a denial of service by crashing the application or potentially allow attackers to execute arbitrary code, compromising the integrity and security of the system. Users are advised to update to patched versions to mitigate these risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://bugzilla.maptools.org/show_bug.cgi?id=2449
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2014-0223.html
vendor-advisoryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=995975
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.