Heap-based Buffer Overflow in libtiff Tool from Vendor Red Hat
CVE-2013-4243

Currently unrated

Key Information:

Vendor: Libtiff

CVE Published: 10 September 2013

What is CVE-2013-4243?

CVE-2013-4243 is a heap-based buffer overflow in gif2tiff, the GIF-to-TIFF conversion tool shipped with libtiff, that is triggered while processing a GIF image. An attacker who supplies a GIF with specially crafted height and width values can crash the application, causing a denial of service, and may be able to execute arbitrary code on a system running a vulnerable version of libtiff.

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
