Описание
An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the application using LibTIFF's tag extension functionality.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4.0.7-1 |
| esm-infra-legacy/trusty | released | 4.0.3-7ubuntu0.6 |
| esm-infra/xenial | released | 4.0.6-1ubuntu0.1 |
| precise | ignored | end of life |
| precise/esm | not-affected | 3.9.5-2ubuntu1.10 |
| trusty | released | 4.0.3-7ubuntu0.6 |
| trusty/esm | released | 4.0.3-7ubuntu0.6 |
| upstream | released | 4.0.6-3 |
| vivid/stable-phone-overlay | ignored | end of life |
| vivid/ubuntu-core | DNE |
Показывать по
EPSS
6.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the application using LibTIFF's tag extension functionality.
An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the application using LibTIFF's tag extension functionality.
An exploitable remote code execution vulnerability exists in the handl ...
An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the application using LibTIFF's tag extension functionality.
EPSS
6.8 Medium
CVSS2
8.1 High
CVSS3