CVE-2008-2327

CVE-2008-2327 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.

Learn more about our Web Application Penetration Testing UK.