CVE-2017-17095
HIGH
LibTIFF 4.0.9 - Heap-Based Buffer Overflow in pal2rgb
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2017-17095. PoCs published by Jungun Baek.
AI-analyzed exploit summary: The exploit demonstrates a heap-buffer-overflow vulnerability in LibTIFF's pal2rgb tool, where an incorrectly sized output buffer leads to memory corruption when processing specially crafted TIFF files. The PoC includes detailed analysis and debug information confirming the overflow.
Description
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
Exploits (1)
References (8)
Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H