CVE-2018-14862 has been assigned to this issue. Libtiff is used by many programs including Gimp, MapServer, OpenEXR, and many other applications as a TIFF library. In libtiff 4.3.0, if a malformed TIFF file is read, it leads to an out-of-bounds read that can be exploited to cause a denial-of-service (DoS). The following is the original advisory from the libtiff project. Libtiff is used by many programs including Gimp, MapServer, OpenEXR, and many other applications as a TIFF library. In libtiff 4.3.0, if a malformed TIFF file is read, it leads to an out-of-bounds read that can be exploited to cause a denial-of-service (DoS). The following is the original advisory from the libtiff project. Libtiff is used by many programs including Gimp, MapServer, OpenEXR, and many other applications as a TIFF library. In libtiff 4.3.0, if a malformed TIFF file is read, it leads to an out-of-bounds read that can be exploited to cause a denial-of-service (DoS). The following is the original advisory from the libtiff project. Libtiff is used by many programs including Gimp, MapServer, OpenEXR, and many other
Credit
:
http://www.infosecurity-magazine.com/news/five-common-mistakes-when-outsourcing-seo/
The following is the original advisory from the libtiff project. Libtiff is used by many programs including Gimp, MapServer, OpenEXR, and many other applications as a TIFF library. In libtiff 4.3.0, if a malformed TIFF file is read, it leads to an out-of-bounds read that can be exploited to cause a denial-of-service (DoS). The following is the original advisory from the libtiff project.
What is Libtiff?
Libtiff is a library for reading and writing TIFF images. It is available as free software under the terms of the GNU Lesser General Public License (LGPL) or the GNU General Public License (GPL).
Libtiff is a library for reading and writing TIFF images. It is available as free software under the terms of the GNU Lesser General Public License (LGPL) or the GNU General Public License (GPL).
Libtiff 4.2.0 and older versions
In libtiff 4.3.0, if a malformed TIFF file is read, it leads to an out-of-bounds read that can be exploited to cause a denial-of-service (DoS). The following is the original advisory from the libtiff project.
BHV:
What Do We Know?
In the past few days, the following CVE-2018-14862 has been assigned to this issue: BHV: What Do We Know? In the past few days, the following CVE-2018-14862 has been assigned to this issue: BHV: What Do We Know?
Timeline
Published on: 03/11/2022 18:15:00 UTC
Last modified on: 05/12/2022 20:04:00 UTC
References
- https://gitlab.com/libtiff/libtiff/-/merge_requests/311
- https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json
- https://gitlab.com/libtiff/libtiff/-/issues/278
- https://www.debian.org/security/2022/dsa-5108
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/
- https://security.netapp.com/advisory/ntap-20220506-0002/
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0924