CVE-2005-2452

Name of the Vulnerable Software and Affected Versions libtiff versions up to 3.7.0

Description The issue allows remote attackers to cause a denial of service, resulting in an application crash, by exploiting a TIFF image header with a zero "YCbCr subsampling" value. This causes a divide-by-zero error in the tif strip.c and tif tile.c files.

Recommendations For libtiff versions up to 3.7.0, update to a version later than 3.7.0 to resolve the issue. As a temporary workaround, consider restricting the processing of TIFF images with suspicious headers to minimize the risk of exploitation.