CVE-2012-4447

EPSS 1.2%

tiff - buffer overflow

Published: 10/28/2012Modified: 4/28/2026

Also known as:DEBIAN-CVE-2012-4447

Description

Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format.

Affected packages (2)

Debian/tifffrom 0, < 4.0.2-4
Debian/tifffrom 0, < 3.9.4-5+squeeze6

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-4447