LibTIFF 4.0.3 allows remote malicious users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libtiff libtiff 4.0.3 |
||
debian debian linux 7.0 |
||
redhat enterprise linux server aus 7.2 |
||
redhat enterprise linux server tus 7.2 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux server eus 7.2 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux server tus 7.3 |
||
redhat enterprise linux server aus 7.3 |
||
redhat enterprise linux server aus 7.4 |
||
redhat enterprise linux server eus 7.3 |
||
redhat enterprise linux server eus 7.4 |
||
apple mac os x 10.10.0 |
||
apple mac os x 10.10.1 |
||
apple mac os x 10.9.5 |
||
apple mac os x 10.10.3 |
||
apple mac os x 10.10.2 |
||
apple mac os x 10.8.5 |
||
apple iphone os - |