Security Advisory

CVE-2014-8130

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-03-12 02:00:00

Last updated 2024-08-06 13:10:50

Assigner redhat

State PUBLISHED

Description

The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.

← Browse all CVEs View on cve.org ↗