Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-8870

Опубликовано: 06 дек. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5.8
CVSS3: 7.4

Описание

Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file.

РелизСтатусПримечание
devel

not-affected

esm-infra-legacy/trusty

not-affected

4.0.3-7ubuntu0.4
esm-infra/xenial

not-affected

4.0.6-1
precise

not-affected

3.9.5-2ubuntu1.9
precise/esm

not-affected

3.9.5-2ubuntu1.9
trusty

not-affected

4.0.3-7ubuntu0.4
trusty/esm

not-affected

4.0.3-7ubuntu0.4
upstream

needs-triage

vivid/stable-phone-overlay

ignored

end of life
vivid/ubuntu-core

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 72%
0.00737
Низкий

5.8 Medium

CVSS2

7.4 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2015-8870

CVSS3: 4.4
redhat
почти 11 лет назад

Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file.

nvd логотип

CVE-2015-8870

CVSS3: 7.4
nvd
почти 9 лет назад

Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file.

debian логотип

CVE-2015-8870

CVSS3: 7.4
debian
почти 9 лет назад

Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows re ...

github логотип

GHSA-p8mr-cwrg-5x9h

CVSS3: 7.4
github
больше 3 лет назад

Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file.

oracle-oval логотип

ELSA-2017-0225

oracle-oval
почти 9 лет назад

ELSA-2017-0225: libtiff security update (MODERATE)

EPSS

Процентиль: 72%
0.00737
Низкий

5.8 Medium

CVSS2

7.4 High

CVSS3