CVE-2023-40745

Summary

LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.

Affected Software

VendorProductVersion RangeStatus
0 < 4.6.0affected
Red HatRed Hat Enterprise Linux 90:4.4.0-12.el9 < *unaffected

Weaknesses

  • CWE-190: Integer Overflow or Wraparound

ADP Enrichment

CVE Program Container

Additional References

References