A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It is recommended to apply a patch to fix this issue. This vulnerability only affects products that are no longer supported by the maintainer.
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
| Link | Tags |
|---|---|
| https://vuldb.com/?id.317591 | technical description vdb entry |
| https://vuldb.com/?ctiid.317591 | signature permissions required |
| https://vuldb.com/?submit.621797 | third party advisory |
| https://gitlab.com/libtiff/libtiff/-/issues/715 | issue tracking |
| https://gitlab.com/libtiff/libtiff/-/merge_requests/737 | patch |
| https://gitlab.com/libtiff/libtiff/-/commit/e8c9d6c616b19438695fd829e58ae4fde5bfbc22 | patch |
| http://www.libtiff.org/ | product |