Описание
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | libtiff | Will not fix | ||
| Red Hat Enterprise Linux 7 | compat-libtiff3 | Under investigation | ||
| Red Hat Enterprise Linux 6 | libtiff | Fixed | RHSA-2016:1547 | 02.08.2016 |
| Red Hat Enterprise Linux 7 | libtiff | Fixed | RHSA-2016:1546 | 02.08.2016 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
6.8 Medium
CVSS2
Связанные уязвимости
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earl ...
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
EPSS
5.3 Medium
CVSS3
6.8 Medium
CVSS2