Improper Input Validation in libtiff's tiffcrop Utility Leading to Out of Bounds Read and Crash

Improper Input Validation in libtiff's tiffcrop Utility Leading to Out of Bounds Read and Crash

CVE-2022-2868 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.

Learn more about our Web Application Penetration Testing UK.