Lucene search
PRIOn knowledge basePRION:CVE-2018-5784HistoryJan 19, 2018 - 8:29 a.m.
Directory traversal
2018-01-1908:29:00
PRIOn knowledge base
www.prio-n.com
6
In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_linux | eq | 16.04 | |
| ubuntu_linux | eq | 14.04 | |
| ubuntu_linux | eq | 17.10 | |
| debian_linux | eq | 8.0 | |
| debian_linux | eq | 7.0 | |
| debian_linux | eq | 9.0 | |
| libtiff | eq | 4.0.9 |
References
bugzilla.maptools.org/show_bug.cgi?id=2772
gitlab.com/libtiff/libtiff/commit/473851d211cf8805a161820337ca74cc9615d6ef
lists.debian.org/debian-lts-announce/2018/05/msg00022.html
lists.debian.org/debian-lts-announce/2018/07/msg00002.html
usn.ubuntu.com/3602-1/
usn.ubuntu.com/3606-1/
www.debian.org/security/2018/dsa-4349
Related
cve
cve
CVE-2018-5784
2018-01-19 08:29:00
fedora
fedora
[SECURITY] Fedora 28 Update: libtiff-4.0.9-7.fc28
2018-03-30 13:40:05
[SECURITY] Fedora 27 Update: libtiff-4.0.9-7.fc27
2018-03-28 23:51:15
[SECURITY] Fedora 27 Update: libtiff-4.0.9-8.fc27
2018-04-24 04:03:22
debiancve
debiancve
CVE-2018-5784
2018-01-19 08:29:00
alpinelinux
alpinelinux
CVE-2018-5784
2018-01-19 08:29:00
cvelist
cvelist
CVE-2018-5784
2018-01-19 08:00:00
ubuntucve
ubuntucve
CVE-2018-5784
2018-01-19 00:00:00
openvas
openvas
Fedora Update for libtiff FEDORA-2018-e6a51e99a4
2018-03-29 00:00:00
Mageia: Security Advisory (MGASA-2018-0180)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-1391-1)
2018-06-03 00:00:00
redhatcve
redhatcve
CVE-2018-5784
2020-04-05 10:59:45
nessus
nessus
Fedora 28 : libtiff (2018-7a0f7f5768)
2019-01-03 00:00:00
Fedora 27 : libtiff (2018-e6a51e99a4)
2018-03-29 00:00:00
Debian DLA-1391-1 : tiff security update
2018-06-05 00:00:00
osv
osv
CVE-2018-5784
2018-01-19 08:29:00
tiff - security update
2018-05-31 00:00:00
tiff - security update
2018-07-02 00:00:00
nvd
nvd
CVE-2018-5784
2018-01-19 08:29:00
veracode
veracode
Denial Of Service (DoS)
2018-04-18 08:27:55
debian
debian
[SECURITY] [DLA 1391-1] tiff security update
2018-05-31 23:22:40
[SECURITY] [DLA 1411-1] tiff security update
2018-07-02 14:49:43
[SECURITY] [DSA 4349-1] tiff security update
2018-11-30 22:41:54
mageia
mageia
Updated libtiff packages fix security vulnerabilities
2018-03-19 15:13:14
archlinux
archlinux
[ASA-201811-18] lib32-libtiff: multiple issues
2018-11-20 00:00:00
ubuntu
ubuntu
LibTIFF vulnerabilities
2018-03-26 00:00:00
LibTIFF vulnerabilities
2018-03-20 00:00:00
cloudfoundry
cloudfoundry
USN-3606-1: LibTIFF vulnerabilities | Cloud Foundry
2018-05-02 00:00:00
USN-3602-1: LibTIFF vulnerabilities | Cloud Foundry
2018-05-02 00:00:00
photon
photon
ibm
ibm
Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-v
2019-04-18 16:40:01