E18-5o711
CVSS:
6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
False Positive:
t
Variants:
44
Year:
2018
Description
The strike exploits a heap buffer overflow vulnerability in LibTIFF. The vulnerability is due to insufficient length checks while processing TIFF files compressed with JBIG. A remote, unauthenticated attacker can exploit this vulnerability by enticing a target user to open a crafted TIFF file compressed with JBIG with an application that uses LibTIFF. Successful exploitation could result in the execution of arbitrary code under the security context of the program using LibTIFF.
CVE
References
MSB
BID
ExploitDB
Secunia
Security Tracker
Metasploit
ZDI
OSVDB
{}