CVE-2015-0061

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the fixed version

Description The issue arises from improper initialization of memory for TIFF images, allowing remote attackers to obtain sensitive information from process memory via a crafted image file. This is an information disclosure vulnerability that occurs when Windows fails to properly handle uninitialized memory when parsing certain, specially crafted TIFF image format files. An attacker who successfully exploits this could potentially read data not intended to be disclosed, which could be used to try to further compromise the affected system.

Recommendations For all affected versions, update to a version that properly initializes memory for TIFF images to prevent information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.