CVE-2012-5581

EPSS 1.6%

tiff - buffer overflow

Published: 1/4/2013Modified: 3/9/2026

Also known as:DSA-2589-1DEBIAN-CVE-2012-5581

Description

Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image.

Affected packages (2)

Debian/tifffrom 0, < 4.0.2-1
Debian/tifffrom 0, < 3.9.4-5+squeeze8

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-5581