CVE-2023-3618
Published: December 7, 2023
A flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service.
MEDIUM
CVSS v3: 6.5
CVSS v3: 6.5
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 25.1 | libtiff (4.6.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 24.4 | libtiff (4.6.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 24.4.0 | libtiff (4.6.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 24.3 | libtiff (4.6.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 24.2.1 | libtiff (4.6.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 24.2 | libtiff (4.6.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 24.1 | libtiff (4.6.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 23.3 | libtiff (4.5.1) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 23.2.1 | libtiff (4.3.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 23.2 | libtiff (4.3.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 23.1 | libtiff (4.3.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 22.4 | libtiff (4.3.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 22.3 | libtiff (4.3.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 22.2 | libtiff (4.3.0) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 22.1 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 21.11.1 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 21.11 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 21.8.1 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 21.8 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 21.5.1 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 21.5.0 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 21.2.0 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.20 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.19.3667 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.18.3599 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.17 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.16.3445 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.15.3368 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.14.3263 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.13.3179 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.12.3054 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.11.3040 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.11.2990 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.10.2934 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.9.2878 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
| 11.4.8.2822 | libtiff (4.0.8) | Not Affected | Code Not Reachable | The issue only exists in the tiffcrop CLI tool, and is due to how it ignoring error state when calling the libtiff API. Document Filters does not have the same logic error in it’s calling code to libtiff, and therefore not impacted. |
Severity score breakdown
Attack Complexity
LOW
Attack Vector
NETWORK
Availability Impact
HIGH
Base Score
6.5
Base Severity
MEDIUM
Confidentiality Impact
NONE
Integrity Impact
NONE
Privileges Required
NONE
Scope
UNCHANGED
User Interaction
REQUIRED
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Version
3.1