Uninitialized Memory Use in GNOME Evince TIFF Document Backend

Uninitialized Memory Use in GNOME Evince TIFF Document Backend

CVE-2019-11459 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.

Learn more about our Web Application Penetration Testing UK.