Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-8129

Опубликовано: 12 мар. 2018
Источник: debian

Описание

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
tifffixed4.0.3-12.1package
tiff3removedpackage

Примечания

  • Advisory: http://www.conostix.com/pub/adv/CVE-2014-8129-LibTIFF-Out-of-bounds_Reads_and_Writes.txt

  • http://bugzilla.maptools.org/show_bug.cgi?id=2487 (tiff2pdf)

  • http://bugzilla.maptools.org/show_bug.cgi?id=2488 (tiff2pdf)

  • The tiff3 source package doesn't build the TIFF tools, but most of these bugs are in the library

Связанные уязвимости

ubuntu логотип

CVE-2014-8129

CVSS3: 8.8
ubuntu
больше 7 лет назад

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.

redhat логотип

CVE-2014-8129

CVSS3: 4.4
redhat
почти 11 лет назад

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.

nvd логотип

CVE-2014-8129

CVSS3: 8.8
nvd
больше 7 лет назад

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.

github логотип

GHSA-m6v4-297m-c926

CVSS3: 8.8
github
больше 3 лет назад

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.

suse-cvrf логотип

SUSE-SU-2015:1475-1

suse-cvrf
около 10 лет назад

Security update for tiff