Описание
There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 4.0.8-4 |
| devel | not-affected | 4.0.8-4 |
| esm-infra-legacy/trusty | released | 4.0.3-7ubuntu0.8 |
| esm-infra/xenial | released | 4.0.6-1ubuntu0.3 |
| precise/esm | ignored | |
| trusty | released | 4.0.3-7ubuntu0.8 |
| trusty/esm | released | 4.0.3-7ubuntu0.8 |
| upstream | released | 4.0.8-4 |
| vivid/ubuntu-core | DNE | |
| xenial | released | 4.0.6-1ubuntu0.3 |
Показывать по
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack.
There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack.
There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4 ...
There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack.
6.8 Medium
CVSS2
8.8 High
CVSS3