Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-9448

Опубликовано: 27 янв. 2017
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297.

РелизСтатусПримечание
artful

not-affected

4.0.7-1
devel

not-affected

4.0.7-1
esm-infra-legacy/trusty

released

4.0.3-7ubuntu0.6
esm-infra/xenial

released

4.0.6-1ubuntu0.1
precise

ignored

end of life
precise/esm

ignored

trusty

released

4.0.3-7ubuntu0.6
trusty/esm

released

4.0.3-7ubuntu0.6
upstream

released

4.0.7
vivid/stable-phone-overlay

ignored

end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 84%
0.02076
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-9448

CVSS3: 3.3
redhat
около 9 лет назад

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297.

nvd логотип

CVE-2016-9448

CVSS3: 7.5
nvd
около 9 лет назад

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297.

debian логотип

CVE-2016-9448

CVSS3: 7.5
debian
около 9 лет назад

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attacke ...

github логотип

GHSA-fh4x-w635-c436

CVSS3: 7.5
github
больше 3 лет назад

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297.

suse-cvrf логотип

openSUSE-SU-2017:0074-1

suse-cvrf
около 9 лет назад

Security update for tiff

EPSS

Процентиль: 84%
0.02076
Низкий

5 Medium

CVSS2

7.5 High

CVSS3