Memory Write Vulnerability in libtiff 4.0.6 TIFFVGetField Function

CVE-2015-7554 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.

Learn more about our Web Application Penetration Testing UK.