Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-9815

Опубликовано: 22 июн. 2017
Источник: debian
EPSS Низкий

Описание

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
tifffixed4.0.8-1package
tifffixed4.0.3-12.3+deb8u4jessiepackage
tifffixed4.0.2-6+deb7u14wheezypackage
tiff3removedpackage
tiff3fixed3.9.6-11+deb7u6wheezypackage

Примечания

  • http://bugzilla.maptools.org/show_bug.cgi?id=2682

  • Fixed by: https://github.com/vadz/libtiff/commit/fb3dc46a2fcf6197ff3b93fc76f0c37fddc0333b

  • The issue is addressed with the same commit as for CVE-2017-9403

EPSS

Процентиль: 64%
0.00467
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2017-9815

CVSS3: 6.5
ubuntu
больше 8 лет назад

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file.

redhat логотип

CVE-2017-9815

CVSS3: 3.3
redhat
больше 8 лет назад

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file.

nvd логотип

CVE-2017-9815

CVSS3: 6.5
nvd
больше 8 лет назад

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file.

github логотип

GHSA-25f6-v77j-jgcf

CVSS3: 6.5
github
больше 3 лет назад

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file.

EPSS

Процентиль: 64%
0.00467
Низкий