Intrusion Prevention

LibTIFF.tiffcp.cpSeparateBufToContigBuf.Buffer.Overflow

Description

This indicates an attempt to exploit a Heap Based Buffer Overflow Vulnerability in Libtiff.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted TIFF file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted TIFF file.

Affected Products

libtiff 4.0.9 and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
https://gitlab.com/libtiff/libtiff

CVE References

CVE-2018-12900