What the vulnerability does

01Description

An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Key dates

02Disclosure timeline

March 9, 2021 CVE published
August 4, 2024 Record updated