CVE-2023-1560
2.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Summary
A vulnerability, which was classified as problematic, has been found in TinyTIFF 3.0.0.0. This issue affects some unknown processing of the file tinytiffreader.c of the component File Handler. The manipulation leads to buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-223553 was assigned to this vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | TinyTIFF | 3.0.0.0 | affected |
Weaknesses
- CWE-120: CWE-120 Buffer Overflow
ADP Enrichment
CVE Program Container
Additional References
- https://vuldb.com/?id.223553
- https://vuldb.com/?ctiid.223553
- https://github.com/10cksYiqiyinHangzhouTechnology/Security-Issue-Report-of-TinyTIFF
- https://github.com/10cksYiqiyinHangzhouTechnology/Security-Issue-Report-of-TinyTIFF/blob/main/id8
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
References
- https://vuldb.com/?id.223553
- https://vuldb.com/?ctiid.223553
- https://github.com/10cksYiqiyinHangzhouTechnology/Security-Issue-Report-of-TinyTIFF
- https://github.com/10cksYiqiyinHangzhouTechnology/Security-Issue-Report-of-TinyTIFF/blob/main/id8
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.