Description
Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.
Packages
| Package | Status | Fixed version | Release | Type |
|---|---|---|---|---|
| tiff | fixed | 4.0.6-3 | | package |
| tiff | fixed | 4.0.3-12.3+deb8u2 | jessie | package |
| tiff3 | removed | | | package |
Notes
https://bugzilla.redhat.com/show_bug.cgi?id=1319666
https://bugzilla.redhat.com/show_bug.cgi?id=1319503
http://bugzilla.maptools.org/show_bug.cgi?id=2536
Proposed patch from Red Hat: https://bugzilla.redhat.com/attachment.cgi?id=1144235&action=diff
gif2tiff was removed in 4.0.6-3 and DSA 3762, marking as fixed although technically still present in the source package