CVE-2015-1547

Опубликовано: 29 дек. 2014

Источник: redhat

CVSS3: 4.4

CVSS2: 5.8

EPSS Низкий

Описание

The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.

Отчет

Red Hat Product Security has rated this issue as having moderate security impact, a future update may address this flaw in libtiff.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	libtiff	Will not fix
Red Hat Enterprise Linux 6	libtiff	Fixed	RHSA-2016:1547	02.08.2016
Red Hat Enterprise Linux 7	libtiff	Fixed	RHSA-2016:1546	02.08.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1190709libtiff: use of uninitialized memory in NeXTDecode

EPSS

Процентиль: 89%

0.04425

Низкий

4.4 Medium

CVSS3

5.8 Medium

CVSS2

Связанные уязвимости

CVE-2015-1547

CVSS3: 6.5

ubuntu

больше 9 лет назад

The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.

CVE-2015-1547

CVSS3: 6.5

nvd

больше 9 лет назад

The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.

CVE-2015-1547

CVSS3: 6.5

debian

больше 9 лет назад

The NeXTDecode function in tif_next.c in LibTIFF allows remote attacke ...

GHSA-63xc-994f-r5qr

CVSS3: 6.5

github

больше 3 лет назад

The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.

ELSA-2016-1547

oracle-oval

около 9 лет назад

ELSA-2016-1547: libtiff security update (IMPORTANT)

EPSS

Процентиль: 89%

0.04425

Низкий

4.4 Medium

CVSS3

5.8 Medium

CVSS2