In Liblibtiff-tools 4.0.9, there is a NULL pointer dereference in the libtiff-toolsWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by libtiff-tools set.