Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-8130

Опубликовано: 12 мар. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.5

Описание

The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.

РелизСтатусПримечание
devel

released

4.0.3-12.3ubuntu1
esm-infra-legacy/trusty

released

4.0.3-7ubuntu0.2
lucid

released

3.9.2-2ubuntu0.15
precise

released

3.9.5-2ubuntu1.7
trusty

released

4.0.3-7ubuntu0.2
trusty/esm

released

4.0.3-7ubuntu0.2
upstream

needs-triage

utopic

released

4.0.3-10ubuntu0.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 83%
0.02075
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2014-8130

CVSS3: 3.3
redhat
почти 11 лет назад

The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.

nvd логотип

CVE-2014-8130

CVSS3: 6.5
nvd
больше 7 лет назад

The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.

debian логотип

CVE-2014-8130

CVSS3: 6.5
debian
больше 7 лет назад

The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not rejec ...

github логотип

GHSA-w6c9-7896-vqpm

CVSS3: 6.5
github
больше 3 лет назад

The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.

suse-cvrf логотип

SUSE-SU-2015:1475-1

suse-cvrf
около 10 лет назад

Security update for tiff

EPSS

Процентиль: 83%
0.02075
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3