Libtiff · Libtiff · CVE-2022-48281
**Name of the Vulnerable Software and Affected Versions**
LibTIFF versions through 4.5.0
**Description**
The `processCropSelections()` function in `tools/tiffcrop.c` of the LibTIFF library has a heap-based buffer overflow, seen for example as a "WRITE of size 307203". A remote attacker can trigger it with a crafted TIFF image, potentially leading to a denial-of-service attack.
**Recommendations**
For LibTIFF versions through 4.5.0, consider updating to a version later than 4.5.0 to resolve the issue. As a temporary workaround until a patch is available, restrict the use of the `processCropSelections()` function in `tools/tiffcrop.c` (the source of the `tiffcrop` tool), and avoid processing crafted TIFF images that could trigger the buffer overflow in that function.
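
A triage check for the affected range stated above, added here as an example (it is not part of the original advisory or of LibTIFF). The function names `extract_version`, `version_le` and `classify_libtiff` and the variable `LAST_AFFECTED` are hypothetical, and the sample strings are constructed.

```shell
#!/bin/sh
# Added example: classify a LibTIFF version string against the range
# given in this advisory ("through 4.5.0").
LAST_AFFECTED="4.5.0"   # last affected version, taken from the advisory

# Pull the first dotted version number out of free text, e.g. the
# "LIBTIFF, Version 4.4.0" string returned by TIFFGetVersion().
extract_version() {
    printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\(\.[0-9][0-9]*\)*\).*$/\1/p' |
        head -n 1
}

# Succeed when version $1 <= version $2. Components are compared as
# numbers (so 4.10.0 > 4.5.0); missing components count as 0.
version_le() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
        # Drop the component just compared.
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0
}

# Print "affected", "newer" or "unknown" for a version string.
classify_libtiff() {
    v=$(extract_version "$1")
    if [ -z "$v" ]; then
        echo unknown
    elif version_le "$v" "$LAST_AFFECTED"; then
        echo affected
    else
        echo newer
    fi
}

# Constructed sample inputs. On a real host the string could come from
# `pkg-config --modversion libtiff-4`.
for s in "LIBTIFF, Version 4.4.0" "4.5.0" "4.5.1" "4.10.0" "n/a"; do
    printf '%-24s %s\n' "$s" "$(classify_libtiff "$s")"
done
```

Distribution packages may carry a backported fix without changing the upstream version number, so an "affected" result is a prompt to check the vendor's advisory rather than proof of exposure.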