CVE-2013-1960

EPSS 4.5%

tiff - buffer overflow

Published: 7/3/2013Modified: 4/28/2026

Description

Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.

Affected packages (2)

Debian/tifffrom 0, < 4.0.2-6+nmu1
Debian/tifffrom 0, < 3.9.4-5+squeeze9

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-1960