Skip to main content
Version: latest

CVE-2023-52356

CVE Details

CVE-2023-52356

Last Update

09/20/2024

NIST CVE Summary

A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.

Our Official Summary

This is a vulnerability in libtiff that can be exploited by a remote attacker to cause a heap-buffer overflow and denial-of-service. The vulnerability is caused by a segment fault (SEGV) flaw that can be triggered when a crafted TIFF file is passed to the TIFFReadRGBATileExt() API. Investigating a possible fix for this vulnerability on the affected images.

CVE Severity

7.5

Status

Ongoing

Affected Products & Versions

  • Palette VerteX 4.4.18

Revision History

  • 1.0 09/15/2024 Initial Publication
  • 2.0 09/15/2024 Added palette VerteX 4.4.18 to Affected Products