A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libtiff | Libtiff | 4.0.9 (including) | 4.0.9 (including) |
Tiff | Ubuntu | bionic | * |
Tiff | Ubuntu | cosmic | * |
Tiff | Ubuntu | trusty | * |
Tiff | Ubuntu | upstream | * |
Tiff | Ubuntu | xenial | * |