Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libtiff | Libtiff | 3.6.1 (including) | 3.6.1 (including) |