CVE-2017-7598

Опубликовано: 09 апр. 2017

Источник: debian

EPSS Низкий

Описание

tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
tiff	fixed	4.0.7-6		package
tiff3	removed			package
tiff3	not-affected		wheezy	package

Примечания

https://github.com/vadz/libtiff/commit/3cfd62d77c2a7e147a05bd678524c345fa9c2bb8
https://blogs.gentoo.org/ago/2017/04/01/libtiff-multiple-ubsan-crashes

EPSS

Процентиль: 72%

0.00699

Низкий

Связанные уязвимости

CVE-2017-7598

CVSS3: 7.8

ubuntu

почти 9 лет назад

tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.

CVE-2017-7598

CVSS3: 3.3

redhat

почти 9 лет назад

tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.

CVE-2017-7598

CVSS3: 7.8

nvd

почти 9 лет назад

tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.

GHSA-4rxg-5mf4-8hrc

CVSS3: 7.8

github

больше 3 лет назад

tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.

openSUSE-SU-2017:2635-1

suse-cvrf

больше 8 лет назад

Security update for tiff

EPSS

Процентиль: 72%

0.00699

Низкий