Veracode Vulnerability DatabaseVERACODE:6358

HistoryMay 23, 2018 - 6:23 a.m.

Invalid Write

2018-05-2306:23:51

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

EPSS

0.049

Percentile

92.8%

JSON

libtiff.so is vulnerable to invalid write attacks. The vulnerability exists in the TIFFReadDirectory function of libtiff/tif_dirread.c where field data for extension tags can be written to invalid memory locations.

References

bugzilla.suse.com/show_bug.cgi?id=960341

github.com/vadz/libtiff/commit/4d4fa0b68ae9ae038959ee4f69ebe288ec892f06

prion

Code injection

2016-01-08 19:59:00

nessus

openSUSE Security Update : tiff (openSUSE-2016-79)

2016-01-26 00:00:00

openSUSE Security Update : tiff (openSUSE-2016-85)

2016-01-27 00:00:00

openSUSE Security Update : tiff (openSUSE-2016-101)

2016-01-27 00:00:00

cvelist

CVE-2015-7554

2016-01-08 19:00:00

openvas

F5 BIG-IP - TIFF vulnerability CVE-2015-7554

2016-10-24 00:00:00

SUSE: Security Advisory (SUSE-SU-2016:0160-1)

2021-04-19 00:00:00

Debian: Security Advisory (DLA-692-1)

2023-03-08 00:00:00

debiancve

CVE-2015-7554

2016-01-08 19:59:06

ubuntucve

CVE-2015-7554

2016-01-08 00:00:00

CVE-2016-10095

2017-03-01 00:00:00

CVE-2016-5318

2017-01-20 00:00:00

cve

CVE-2015-7554

2016-01-08 19:59:06

K38871451 : LibTIFF vulnerability CVE-2015-7554

2016-10-18 00:00:00

nvd

CVE-2015-7554

2016-01-08 19:59:06

redhatcve

CVE-2016-10095

2017-01-04 11:48:00

archlinux

[ASA-201707-17] libtiff: arbitrary code execution

2017-07-18 00:00:00

[ASA-201707-18] lib32-libtiff: arbitrary code execution

2017-07-18 00:00:00

debian

[SECURITY] [DLA 692-1] tiff3 security update

2016-11-02 12:40:37

[SECURITY] [DLA 693-1] tiff security update

2016-11-02 12:53:25

osv

tiff3 - security update

2016-11-02 00:00:00

tiff - security update

2016-11-02 00:00:00

libtiff-devel-32bit-4.0.7-1.1 on GA media

2024-06-15 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities in tiff affect IBM Flex System Manager(FSM)

2018-06-18 01:32:21

Security Bulletin: Libtiff vulnerabilities affect IBM SmartClound Entry

2020-07-19 00:49:12

Security Bulletin: Multiple vulnerabilities in libtiff affect PowerKVM

2018-06-18 01:33:05

suse

Security update for tiff (important)

2018-01-15 15:15:26

Security update for tiff (important)

2018-01-12 15:08:49

Security update for tiff (important)

2016-12-07 15:08:51

ubuntu

LibTIFF vulnerabilities

2017-07-19 00:00:00

LibTIFF vulnerabilities

2017-02-27 00:00:00

mageia

The updated packages fix libtiff security vulnerabilities

2016-10-21 01:35:16

redhat

(RHSA-2016:1547) Important: libtiff security update

2016-08-02 14:27:54

(RHSA-2016:1546) Important: libtiff security update

2016-08-02 14:26:49

oraclelinux

libtiff security update

2016-08-02 00:00:00

libtiff security update

2016-08-02 00:00:00

amazon

Important: libtiff

2016-08-17 13:30:00

centos

libtiff security update

2016-08-02 15:06:00

libtiff security update

2016-08-02 21:57:58

cloudfoundry

USN-3212-1: LibTIFF vulnerabilities | Cloud Foundry

2017-03-17 00:00:00

gentoo

libTIFF: Multiple vulnerabilities

2017-01-09 00:00:00

kitploit

arch-audit - An utility like pkg-audit for Arch Linux

2016-10-15 14:30:00

Invalid Write

References

Related