Heap-based buffer overflow in cpSeparateBufToContigBuf function in LibTIFF

Heap-based buffer overflow in cpSeparateBufToContigBuf function in LibTIFF

CVE-2018-12900 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.

Learn more about our Web Application Penetration Testing UK.