LibTIFF.tiff2pdf.Converter.Out.Of.Bounds.Read

description-logoDescription

This indicates an attack attempt to exploit an Out of Bound Read Vulnerability in libtiff libtiff.
The vulnerability occurs while converting TIFF files using tiff2pdf converter. A remote attacker could exploit this vulnerability by enticing an user to convert a maliciously crafted TIFF image file to a PDF file using tiff2pdf utility with JPEG compression. Successful exploitation of this vulnerability leads to information disclosure or, in the worst case, arbitrary code execution in the context of the affected application.

affected-products-logoAffected Products

libtiff

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://gitlab.com/libtiff/libtiff/-/issues/194

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-04-29 18.070 Default_action:pass:drop
2021-04-21 18.063