CVE-2023-25433

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jun 29, 2023

Updated: Aug 1, 2023

CWE ID 120

Summary

CVE-2023-25433: A vulnerability has been discovered in libtiff 4.5.0, which can result in a buffer overflow. The issue occurs during the rotation image function in the tiffcrop tool when the buffer size is incorrectly updated. This flaw can lead to a heap-buffer-overflow and a Segmentation Fault (SEGV). Users are advised to update their libtiff software as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

LibTIFF

Affected Vendors

Libtiff

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r0nRMU
https://www.cve.org/CVERecord?id=CVE-2023-25433
https://nvd.nist.gov/vuln/detail/CVE-2023-25433

Back to Vulnerability Database