CVE-2017-7594

Опубликовано: 09 апр. 2017

Источник: debian

Описание

The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
tiff	fixed	4.0.7-6		package
tiff3	removed			package

Примечания

http://bugzilla.maptools.org/show_bug.cgi?id=2659
https://github.com/vadz/libtiff/commit/2ea32f7372b65c24b2816f11c04bf59b5090d05b
https://github.com/vadz/libtiff/commit/8283e4d1b7e53340684d12932880cbcbaf23a8c1

Связанные уязвимости

CVE-2017-7594

CVSS3: 5.5

ubuntu

почти 9 лет назад

The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.

CVE-2017-7594

CVSS3: 3.3

redhat

около 9 лет назад

The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.

CVE-2017-7594

CVSS3: 5.5

nvd

почти 9 лет назад

The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.

GHSA-96cv-jcwx-rgjw

CVSS3: 5.5

github

больше 3 лет назад

The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.

openSUSE-SU-2017:2635-1

suse-cvrf

больше 8 лет назад

Security update for tiff