Note:
This project will be discontinued after December 13, 2021. [more]
2018-09-30
The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935.
| Products | Libtiff |
| Type | Out-of-bounds Write (CWE-787) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-17795
• http://www.securityfocus.com/bid/105445 • http://bugzilla.maptools.org/show_bug.cgi?id=2816 |