Vulnerabilities > CVE-2022-1355 - Stack-based Buffer Overflow vulnerability in multiple products

047910
CVSS 6.1 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
HIGH

Summary

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service.

Common Weakness Enumeration (CWE)