Showing 1 - 3 of 3

CVE-2016-5652

Status Candidate

Overview

An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.

Related Files

Slackware Security Advisory - libtiff Updates: Posted Apr 11, 2017; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New libtiff packages are available for Slackware 14.2 and -current to fix security issues.; tags | advisory; systems | linux, slackware; advisories | CVE-2014-8127, CVE-2015-8665, CVE-2015-8683, CVE-2016-3622, CVE-2016-3623, CVE-2016-3658, CVE-2016-5321, CVE-2016-5323, CVE-2016-5652, CVE-2016-5875, CVE-2016-9273, CVE-2016-9448; SHA-256 | 9cf5da033c9d3df83f2a230c8da0e0b785bda7f3ef408760cb96a8c808598605; Download | Favorite | View

Ubuntu Security Notice USN-3212-1: Posted Feb 27, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3212-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2015-7554, CVE-2015-8668, CVE-2016-10092, CVE-2016-10093, CVE-2016-10094, CVE-2016-3622, CVE-2016-3623, CVE-2016-3624, CVE-2016-3632, CVE-2016-3658, CVE-2016-3945, CVE-2016-3990, CVE-2016-3991, CVE-2016-5314, CVE-2016-5315, CVE-2016-5316, CVE-2016-5317, CVE-2016-5320, CVE-2016-5321, CVE-2016-5322, CVE-2016-5323, CVE-2016-5652, CVE-2016-5875, CVE-2016-6223, CVE-2016-8331, CVE-2016-9273, CVE-2016-9297, CVE-2016-9448; SHA-256 | 50e2487e59c9fd362a115544695941590f358ca4f554cabb42c9b3cff485021f; Download | Favorite | View

Red Hat Security Advisory 2017-0225-01: Posted Feb 1, 2017; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2017-0225-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files.; tags | advisory, remote, arbitrary; systems | linux, redhat; advisories | CVE-2015-8870, CVE-2016-5652, CVE-2016-9533, CVE-2016-9534, CVE-2016-9535, CVE-2016-9536, CVE-2016-9537, CVE-2016-9540; SHA-256 | d2d426527fd5c7f7ab0c99b252adf5b35b156134b868c67f1a32a708ffa12998; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 299 files
Ubuntu 67 files
Debian 24 files
Gentoo 13 files
Ahmet Umit Bayram 10 files
Apple 9 files
malvuln 8 files
Google Security Research 5 files
nu11secur1ty 5 files
Jann Horn 5 files

File Archives

Systems

AIX (429)
Apple (2,088)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,054)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,500)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,923)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (16,009)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,548)
UNIX (9,415)
UnixWare (187)
Windows (6,661)
Other

CVE-2016-5652

Overview

Related Files

File Archive:

June 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems