Lucene search
Veracode Vulnerability DatabaseVERACODE:21700HistoryOct 15, 2019 - 4:59 a.m.
Denial Of Service (DoS)
2019-10-1504:59:30
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.008 Low
EPSS
Percentile
82.1%
libtiff.so is vulnerable to denial of service (DoS). A heap-based buffer overflow in tif_getimage.c caused by an integer overflow allows an attacker to crash the application via a malicious RGBA image, or potentially execute arbitrary code on the system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libtiff.so | le | 5.3.0 | |
| libtiff | eq | 4.0.9__15.el8 | |
| libtiff | eq | 4.0.3__32.el7 | |
| libtiff | eq | 4.0.9__17.el8 | |
| libtiff | eq | 4.0.9__13.el8 | |
| libtiff | le | 4.0.6.2 |
References
bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443
github.com/OSGeo/gdal/commit/21674033ee246f698887604c7af7ba1962a40ddf
gitlab.com/libtiff/libtiff/commit/4bb584a35f87af42d6cf09d15e9ce8909a839145
lists.debian.org/debian-lts-announce/2019/11/msg00027.html
seclists.org/bugtraq/2020/Jan/32
www.debian.org/security/2020/dsa-4608
Related
nessus
nessus
Fedora 31 : libtiff (2020-2e9bd06377)
2020-03-06 00:00:00
RHEL 8 : libtiff (RHSA-2020:4634)
2020-11-04 00:00:00
NewStart CGSL MAIN 6.02 : libtiff Vulnerability (NS-SA-2021-0058)
2021-03-10 00:00:00
osv
osv
gdal - security update
2020-03-19 00:00:00
Moderate: libtiff security update
2020-11-03 12:22:21
Moderate: libtiff security update
2020-11-03 12:22:21
ibm
ibm
ubuntucve
ubuntucve
CVE-2019-17546
2019-10-14 00:00:00
cve
cve
CVE-2019-17546
2019-10-14 02:15:11
openvas
openvas
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2019-2707)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2019-2288)
2020-01-23 00:00:00
Mageia: Security Advisory (MGASA-2019-0366)
2022-01-28 00:00:00
cvelist
cvelist
CVE-2019-17546
2019-10-14 01:07:02
oraclelinux
oraclelinux
libtiff security update
2020-11-10 00:00:00
libtiff security update
2020-10-06 00:00:00
redhatcve
redhatcve
CVE-2019-17546
2019-10-25 19:21:00
prion
prion
Integer overflow
2019-10-14 02:15:00
debiancve
debiancve
CVE-2019-17546
2019-10-14 02:15:11
almalinux
almalinux
Moderate: libtiff security update
2020-11-03 12:22:21
debian
debian
[SECURITY] [DLA 2147-1] gdal security update
2020-03-18 20:47:13
[SECURITY] [DSA 4608-1] tiff security update
2020-01-21 21:45:57
[SECURITY] [DLA 2009-1] tiff security update
2019-11-26 21:24:54
rocky
rocky
libtiff security update
2020-11-03 12:22:21
nvd
nvd
CVE-2019-17546
2019-10-14 02:15:11
redhat
redhat
(RHSA-2020:4634) Moderate: libtiff security update
2020-11-03 12:22:21
(RHSA-2020:3902) Moderate: libtiff security update
2020-09-29 07:42:07
mageia
mageia
Updated libtiff packages fix security vulnerability
2019-12-06 17:15:42
amazon
amazon
Medium: libtiff
2020-10-22 18:24:00
Medium: libtiff
2020-11-14 01:23:00
ubuntu
ubuntu
LibTIFF vulnerabilities
2019-10-17 00:00:00
LibTIFF vulnerabilities
2023-02-02 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2019-0044
2019-11-28 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-2.0-0202
2020-01-25 00:00:00
Important Photon OS Security Update - PHSA-2019-3.0-0044
2019-11-28 00:00:00
cloudfoundry
cloudfoundry
USN-4158-1: LibTIFF vulnerabilities | Cloud Foundry
2021-03-09 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: libtiff-4.0.10-8.fc31
2020-03-04 21:31:32
[SECURITY] Fedora 30 Update: libtiff-4.0.10-8.fc30
2020-03-04 21:38:46
centos
centos
libtiff security update
2020-10-20 18:24:55
altlinux
altlinux
Security fix for the ALT Linux 10 package libtiff version 4.1.0-alt1
2019-11-14 00:00:00
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2020-03-15 00:00:00
suse
suse
Security update for tiff (important)
2022-02-17 00:00:00