A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
History

Wed, 04 Dec 2024 14:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-122

Sun, 24 Nov 2024 12:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-680

Fri, 22 Nov 2024 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-122

Wed, 06 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-10-05T18:55:26.876Z

Updated: 2024-12-04T07:16:52.955Z

Reserved: 2023-08-25T09:21:36.645Z

Link: CVE-2023-41175

cve-icon Vulnrichment

Updated: 2024-08-02T18:54:04.334Z

cve-icon NVD

Status : Modified

Published: 2023-10-05T19:15:11.340

Modified: 2024-12-04T08:15:05.413

Link: CVE-2023-41175

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-07-21T00:00:00Z

Links: CVE-2023-41175 - Bugzilla