LibTiff tif_aux.c Integer Overflow Check Denial of Service Vulnerability
A vulnerability in LibTIFF could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to improper integer overflow checks in the _TIFFCheckMalloc and _TIFFCheckRealloc functions, as defined in the tif_aux.c source code file of the affected software. An attacker could exploit this vulnerability by persuading a user to open a file that contains crafted TIFF images. A successful exploit could trigger an integer overflow condition and cause the affected software to crash, resulting in a DoS condition.
LibTIFF has confirmed the vulnerability and released software updates.
Security Impact Rating: Medium