CVE-2023-3195

Summary

A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an application to crash, resulting in a denial of service.

Affected Software

VendorProductVersion RangeStatus
n/aImageMagickFixed in ImageMagick 6.9.12-26, ImageMagick 7.1.0-11affected

Weaknesses

  • CWE-121: CWE-121 - Stack-based Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References