There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-07-16T04:00:00
Updated: 2024-08-05T18:05:30.579Z
Reserved: 2017-07-15T00:00:00
Link: CVE-2017-11335
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-07-17T13:18:20.267
Modified: 2018-03-22T01:29:01.063
Link: CVE-2017-11335
Redhat