CVE-2023-52356
CVE Details
Last Update
09/20/2024
NIST CVE Summary
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.
Our Official Summary
This is a vulnerability in libtiff that can be exploited by a remote attacker to cause a heap-buffer overflow and denial-of-service. The vulnerability is caused by a segment fault (SEGV) flaw that can be triggered when a crafted TIFF file is passed to the TIFFReadRGBATileExt() API. Investigating a possible fix for this vulnerability on the affected images.
CVE Severity
Status
Ongoing
Affected Products & Versions
- Palette VerteX 4.4.18
Revision History
- 1.0 09/15/2024 Initial Publication
- 2.0 09/15/2024 Added palette VerteX 4.4.18 to Affected Products