Freely subscribe to our NEWSLETTER

Security Vulnerability

Vigil@nce - LibTIFF: three vulnerabilities

August 2016 by Vigil@nce

This bulletin was written by Vigil@nce : https://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can use several vulnerabilities of LibTIFF.

Impacted products: LibTIFF.

Severity: 2/4.

Creation date: 07/06/2016.

DESCRIPTION OF THE VULNERABILITY

Several vulnerabilities were announced in LibTIFF.

An attacker can generate a buffer overflow via thumbnail, in order
to trigger a denial of service, and possibly to run code.
[severity:2/4; CVE-2016-5318]

An attacker can generate a buffer overflow via bmp2tiff, in order
to trigger a denial of service, and possibly to run code.
[severity:1/4]

An attacker can generate a buffer overflow via bmp2tiff, in order
to trigger a denial of service, and possibly to run code.
[severity:2/4; CVE-2016-5319]

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

https://vigilance.fr/vulnerability/LibTIFF-three-vulnerabilities-19810