QwikSec

Security Database

CVE

CWE

Training

CVE-2019-14973

Published: Aug 14, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gitlab.com/libtiff/libtiff/merge_requests/90

x_refsource_CONFIRM

[debian-lts-announce] 20190825 [SECURITY] [DLA 1897-1] tiff security update

mailing-list

x_refsource_MLIST

20191104 [slackware-security] libtiff (SSA:2019-308-01)

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.com/files/155095/Slackware-Security-Advisory-libtiff-Updates.html

x_refsource_MISC

FEDORA-2019-6eeff0f801

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-e45019c690

vendor-advisory

x_refsource_FEDORA

20200121 [SECURITY] [DSA 4608-1] tiff security update

mailing-list

x_refsource_BUGTRAQ

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_DEBIAN

openSUSE-SU-2020:1561

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2020:1840

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.