PT-2014-8419 · Libtiff+3 · Libtiff+4
Publicado
2014-12-31
·
Atualizado
2024-06-15
·
CVE-2014-8128
CVSS v3.1
6.5
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
LibTIFF versions prior to 4.0.4
Apple iOS versions prior to 8.4
OS X versions prior to 10.10.4
Description
The issue allows remote attackers to cause a denial of service, specifically an out-of-bounds write, via a crafted TIFF image. This can be exploited by sending a maliciously crafted image to affected devices.
Recommendations
For LibTIFF versions prior to 4.0.4, update to version 4.0.4 or later.
For Apple iOS versions prior to 8.4, update to iOS 8.4 or later.
For OS X versions prior to 10.10.4, update to OS X 10.10.4 or later.
Exploit
Correção
DoS
Memory Corruption
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Libtiff
Os X
Suse
Ubuntu
Ios