Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-8129

Опубликовано: 12 мар. 2018
Источник: nvd
CVSS3: 8.8
CVSS2: 6.8
EPSS Низкий

Описание

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:libtiff:libtiff:4.0.3:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*
Конфигурация 5

Одно из

cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:ipad2:*
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:iphone:*
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:ipodtouch:*

EPSS

Процентиль: 74%
0.00819
Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2014-8129

CVSS3: 8.8
ubuntu
больше 7 лет назад

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.

redhat логотип

CVE-2014-8129

CVSS3: 4.4
redhat
почти 11 лет назад

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.

debian логотип

CVE-2014-8129

CVSS3: 8.8
debian
больше 7 лет назад

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (ou ...

github логотип

GHSA-m6v4-297m-c926

CVSS3: 8.8
github
больше 3 лет назад

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.

suse-cvrf логотип

SUSE-SU-2015:1475-1

suse-cvrf
около 10 лет назад

Security update for tiff

EPSS

Процентиль: 74%
0.00819
Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-787