CVE-2014-9330 – Libtiff integer overflow in bmp2tiff

About the software

Libtiff provides support for the Tag Image File Format (TIFF), a widely used format for storing image data.

Affected Version(s)

All tests were performed using libtiff 4.0.3

Description

Fuzzing bmp2tiff, using the afl-fuzzer, revealed an integer overflow issue related to the dimensions of the input BMP image. The issue resulted in an out-of-bounds memory read which causes the application to crash. Details can be found here.

Author

Paris Zoumpouloglou

Disclosure Timeline

2014-12-09 Discovery reported to libtiff bug tracker
2014-12-21 Issue was fixed
2014-12-22 Public Disclosure

Comments are closed.