CVE-2017-5563

Опубликовано: 23 янв. 2017

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 6.8

CVSS3: 8.8

Описание

LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.

Релиз	Статус	Примечание
artful	not-affected	4.0.8-5
devel	not-affected	4.0.9-4
esm-infra-legacy/trusty	released	4.0.3-7ubuntu0.9
esm-infra/xenial	released	4.0.6-1ubuntu0.4
precise	ignored	end of life
precise/esm	ignored
trusty	released	4.0.3-7ubuntu0.9
trusty/esm	released	4.0.3-7ubuntu0.9
upstream	needed
vivid/stable-phone-overlay	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 57%

0.00354

Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVE-2017-5563

CVSS3: 5.3

redhat

около 9 лет назад

LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.

CVE-2017-5563

CVSS3: 8.8

nvd

около 9 лет назад

LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.

CVE-2017-5563

CVSS3: 8.8

debian

около 9 лет назад

LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read i ...

GHSA-qvg6-9fpw-3vw9

CVSS3: 8.8

github

больше 3 лет назад

LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.

EPSS

Процентиль: 57%

0.00354

Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

CVE-2017-5563

Описание

Пакет tiff

Ссылки на источники

Связанные уязвимости