PT-2016-2787 · Libtiff+1 · Libtiff+1
Kaixiang Zhang
·
Publicado
2016-10-03
·
Atualizado
2019-04-10
·
CVE-2016-3633
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
LibTIFF versions 4.0.6 and earlier
Description
The issue allows remote attackers to cause a denial of service, specifically an out-of-bounds read, via vectors related to the
src variable. This is related to the setrow function in the thumbnail tool.Recommendations
For LibTIFF versions 4.0.6 and earlier, consider restricting access to the thumbnail tool until a patch is available. As a temporary workaround, avoid using the
setrow function in the thumbnail tool to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.DoS
Out of bounds Read
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Libtiff