CVE-2013-4243: Improper Restriction of Operations within the Bounds of a Memory Buffer in Libtiff

Severity
6.8 MEDIUM (NVD)
OSV: 4.3
EPSS: 18.7% (top 4.70%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Sep 10
Latest update: Sep 23

Description

Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted height and width values in a GIF image.

CVSS vector

AV:N/AC:M/C:P/I:P/A:P
Exploitability: 8.6 | Impact: 6.4

Affected Packages (2 packages)

NVD: libtiff/libtiff 4.0.3 (+29)
debian: debian/tiff < tiff 4.0.3-9 (bookworm)

Also affects: Debian Linux 6.0, 7.0

Patches

🔴 Vulnerability Details (3)

GHSA: GHSA-4mjh-684p-r652: Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4 (2022-05-17)
OSV: tiff vulnerabilities (2014-05-06)
OSV: CVE-2013-4243: Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4 (2013-09-10)

📋 Vendor Advisories (3)

Ubuntu: LibTIFF vulnerabilities (2014-05-06)
Red Hat: (gif2tiff): possible heap-based buffer overflow in readgifimage() (2013-08-14)
Debian: CVE-2013-4243: tiff - Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in ... (2013)

📄 Research Papers (1)

arXiv: ShadowBound: Efficient Heap Memory Protection Through Advanced Metadata Management and Customized Compiler Optimization (2024-09-23)

💬 Community (3)

Bugzilla: CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 mingw-libtiff various flaws [fedora-all] (2013-08-14)
Bugzilla: CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 libtiff various flaws [fedora-all] (2013-08-14)
Bugzilla: CVE-2013-4243 libtiff (gif2tiff): possible heap-based buffer overflow in readgifimage() (2013-08-12)