Skip to main content

Libtiff CVE-2013-4231

MEDIUM
Buffer Overflow (CWE-119)
2014-01-19 secalert@redhat.com
4.3
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:N/I:N/A:P
Attack Vector
Network
Attack Complexity
M
Confidentiality
None
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Jan 19, 2014 - 17:16 cve.org
MEDIUM 4.3

DescriptionCVE.org

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.

AnalysisAI

Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.4% and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size. Affected products include: Libtiff. Version information: before 4.0.3.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2012-4564 MEDIUM POC
6.8 Nov 11

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a deni

CVE-2015-8668 CRITICAL POC
9.8 Jan 08

Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier

CVE-2015-7554 CRITICAL POC
9.8 Jan 08

The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory

CVE-2016-9534 CRITICAL POC
9.8 Nov 22

tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and

CVE-2017-17095 HIGH POC
8.8 Dec 02

tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-b

CVE-2016-8331 HIGH POC
8.1 Oct 28

An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. Rated

CVE-2017-5225 HIGH POC
8.8 Jan 12

LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via

CVE-2017-17973 HIGH POC
8.8 Dec 29

In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. Rated high severity

CVE-2017-9935 HIGH POC
8.8 Jun 26

In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. Rated high se

CVE-2017-17942 HIGH POC
8.8 Dec 28

In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c. Rated high se

CVE-2023-25434 HIGH POC
8.8 Jun 14

libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215. Rated

CVE-2022-3970 HIGH POC
8.8 Nov 13

A vulnerability was found in LibTIFF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no aut

Share

CVE-2013-4231 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy