Lucene search

Veracode Vulnerability DatabaseVERACODE:6387

HistoryMay 25, 2018 - 8:39 a.m.

Denial Of Service (DoS)

2018-05-2508:39:54

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.006 Low

EPSS

Percentile

78.2%

JSON

libtiff.so is vulnerable to denial of service (DoS) attacks. A malicious user can pass a tiff file to the TIFFWriteDirectoryTagSubifd function in tif_dirwrite.c to cause an assertion abort that can crash the application.

CPENameOperatorVersion
libtiff.sole5.6.0
libtiffle4.0.6.2

CPE	Name	Operator	Version
	libtiff.so	le	5.6.0
	libtiff	le	4.0.6.2

References

bugzilla.maptools.org/show_bug.cgi?id=2728

www.securityfocus.com/bid/100524

github.com/vadz/libtiff/commit/b6af137bf9ef852f1a48a50a5afb88f9e9da01cc

usn.ubuntu.com/3602-1/

www.debian.org/security/2018/dsa-4100

0.006 Low

EPSS

Percentile

78.2%

JSON

Related for VERACODE:6387