Description
An Invalid Address dereference was discovered in
TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF
4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c.
Remote attackers could leverage this vulnerability to cause a
denial-of-service via a crafted tiff file. This is different from
CVE-2018-12900. (CVE-2019-7663)
The invertImage() function in tiffcrop.c:9206 allows remote attackers to
cause a denial of service (heap buffer overflow) via invert color space.