Home

CVE-2013-1960

Description

Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.

Risk Information

Base Score
7.8
MODERATE
Vector
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
4.531

Associated Vulnerability

VulnerabilityOS Platform
(RHSA-2014:0223) Moderate: libtiff security update libtiff-3.8.2-19.el5_10.i386.rpmLinux
(RHSA-2014:0223) Moderate: libtiff security update libtiff-3.8.2-19.el5_10.x86_64.rpmLinux
(RHSA-2014:0223) Moderate: libtiff security update libtiff-devel-3.8.2-19.el5_10.i386.rpmLinux
(RHSA-2014:0223) Moderate: libtiff security update libtiff-devel-3.8.2-19.el5_10.x86_64.rpmLinux
Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2013-1960)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234