Published: 20/01/2017 Updated: 01/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and previous versions allows remote malicious users to crash the application via a crafted bmp file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libtiff libtiff

Heap-based buffer overflow in tif_packbitsc in libtiff 406 and earlier allows remote attackers to crash the application via a crafted bmp file ...

Debian Bug report logs - #820362 tiff: CVE-2016-3619: Memory corruption in DumpModeEncode triggered by crafted bmp file Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 7 Apr 2016 18:51:02 UTC Severity: important ...

Debian Bug report logs - #842361 CVE-2016-5652: heap based buffer overflow in tiff2pdf Package: tiff; Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Raphael Hertzog <hertzog@debianorg> Date: Fri, 28 Oct 2016 12:42:05 UTC Severity: important Tags: fixed-upstream, patch, security, upstr ...

Debian Bug report logs - #820363 tiff: CVE-2016-3620: Out-of-bound read in ZIPEncode Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 7 Apr 2016 18:51:06 UTC Severity: important Tags: security, upstream Found in ...

Debian Bug report logs - #819972 tiff: CVE-2016-3186: buffer overflow in gif2tiff Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 4 Apr 2016 12:51:02 UTC Severity: important Tags: security, upstream, wontfix Fo ...

Debian Bug report logs - #842046 Multiple CVE: Remove tools dropped by upstream Package: tiff; Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Raphael Hertzog <hertzog@debianorg> Date: Tue, 25 Oct 2016 14:00:02 UTC Severity: important Tags: security Found in version 402-6 Fixed in v ...

Debian Bug report logs - #842270 CVE-2016-6223: information leak in libtiff/tif_readc Package: tiff; Maintainer for tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Raphael Hertzog <hertzog@debianorg> Date: Thu, 27 Oct 2016 14:30:01 UTC Severity: important Tags: fixed-upstream, patch, security, upstr ...

Debian Bug report logs - #820364 tiff: CVE-2016-3621: Out-of-bounds Read in the bmp2tiff tool Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 7 Apr 2016 18:51:11 UTC Severity: important Tags: security, upstream ...

Debian Bug report logs - #820366 tiff: CVE-2016-3631: Illegal read in the cpStrips and cpTiles function Package: src:tiff; Maintainer for src:tiff is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 7 Apr 2016 18:54:02 UTC Severity: important Tags: fixed-ups ...

Heap-based buffer overflow vulnerability was found in tif_packbitsc in PackBitsEncode function Memory corruption can be triggered when bmp2tiff is handling maliciously crafted bmp file causing application to crash or possibly execute arbitrary code ...

CWE-119 http://www.securityfocus.com/bid/88604 http://www.openwall.com/lists/oss-security/2016/06/07/1 http://www.openwall.com/lists/oss-security/2016/04/27/6 https://security.gentoo.org/glsa/201701-16 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2016-5319 https://security.archlinux.org/CVE-2016-5319

Get Started

CVE-2016-5319

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect