{"id":"CVE-2013-1960","details":"Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.","modified":"2026-01-27T04:11:37.667337Z","published":"2013-07-03T18:55:00Z","withdrawn":"2026-01-27T04:11:37.667337Z","related":["openSUSE-SU-2024:10554-1"],"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2014-0223.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/53237"},{"type":"ADVISORY","url":"http://secunia.com/advisories/53765"},{"type":"ADVISORY","url":"http://www.debian.org/security/2013/dsa-2698"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=952158"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104916.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105253.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105828.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2013-06/msg00058.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2013-06/msg00080.html"},{"type":"WEB","url":"http://seclists.org/oss-sec/2013/q2/254"},{"type":"WEB","url":"http://www.securityfocus.com/bid/59609"}],"schema_version":"1.7.3"}