{"id":"CVE-2013-4244","details":"The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.","modified":"2026-04-16T06:18:29.504278293Z","published":"2013-09-28T19:55:03Z","related":["openSUSE-SU-2024:10554-1"],"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2014-0223.html"},{"type":"FIX","url":"http://bugzilla.maptools.org/show_bug.cgi?id=2452"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=996468"},{"type":"FIX","url":"https://github.com/vadz/libtiff/commit/ce6841d9e41d621ba23cf18b190ee6a23b2cc833"}],"schema_version":"1.7.5"}