A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.)
Advisories
Source ID Title
Debian DLA Debian DLA DLA-1346-1 tiff security update
Debian DLA Debian DLA DLA-1347-1 tiff3 security update
Debian DLA Debian DLA DLA-1411-1 tiff security update
Debian DSA Debian DSA DSA-4349-1 tiff security update
EUVD EUVD EUVD-2018-19187 A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.)
Ubuntu USN Ubuntu USN USN-3864-1 LibTIFF vulnerabilities
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.01006}

epss

{'score': 0.00742}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-05T06:24:12.048Z

Reserved: 2018-02-23T00:00:00

Link: CVE-2018-7456

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-02-24T06:29:00.630

Modified: 2024-11-21T04:12:10.560

Link: CVE-2018-7456

cve-icon Redhat

Severity : Low

Publid Date: 2018-02-24T00:00:00Z

Links: CVE-2018-7456 - Bugzilla

cve-icon OpenCVE Enrichment

No data.