CVE-2016-3623

Опубликовано: 08 апр. 2016

Источник: redhat

CVSS2: 4.3

EPSS Низкий

Описание

The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.

Отчет

Red Hat Product Security determined that this flaw was not a security vulnerability. See the Bugzilla link for more details.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	libtiff	Not affected
Red Hat Enterprise Linux 6	libtiff	Not affected
Red Hat Enterprise Linux 7	compat-libtiff3	Not affected
Red Hat Enterprise Linux 7	libtiff	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Дефект:

CWE-369

https://bugzilla.redhat.com/show_bug.cgi?id=1325089libtiff: divide by zero in the rgb2ycybr tool

EPSS

Процентиль: 81%

0.01585

Низкий

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2016-3623

CVSS3: 7.5

ubuntu

больше 9 лет назад

The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.

CVE-2016-3623

CVSS3: 7.5

nvd

больше 9 лет назад

The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.

CVE-2016-3623

CVSS3: 7.5

debian

больше 9 лет назад

The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attacker ...

GHSA-9f2j-pgfw-crmf

CVSS3: 7.5

github

больше 3 лет назад

The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.

openSUSE-SU-2016:2525-1

suse-cvrf

больше 9 лет назад

Security update for tiff

EPSS

Процентиль: 81%

0.01585

Низкий

4.3 Medium

CVSS2