VULHUB ™

LibTIFF is affected by two heap-corruption vulnerabilities caused by integer-overflow errors that can be triggered when handling malicious or malformed image files. An attacker could exploit the vulnerabilities to execute arbitrary code when TIFF image data is processed (i.e. displayed). The code would run in the context of an application linked to the library. Since image data is often external in origin, these vulnerabilities are remotely exploitable.

LibTIFF is affected by two heap-corruption vulnerabilities caused by integer-overflow errors that can be triggered when handling malicious or malformed image files. An attacker could exploit the vulnerabilities to execute arbitrary code when TIFF image data is processed (i.e. displayed). The code would run in the context of an application linked to the library. Since image data is often external in origin, these vulnerabilities are remotely exploitable.