VDB

GCVE-110-MAGEIA-2018-109

GCVE-110-MAGEIA-2018-109
Advisory Published
Vulnetix · Advisory published February 6, 2018
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file. (CVE-2017-17095) In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. This heap overflow could lead to different damages. For example, a crafted TIFF document can lead to an out-of-bounds read in TIFFCleanup, an invalid free in TIFFClose or t2p_free, memory corruption in t2p_readwrite_pdf_image, or a double free in t2p_free. Given these possibilities, it probably could cause arbitrary code execution. (CVE-2017-9935) In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. (CVE-2017-18013)

Affected Products

VendorProductVersionsPlatforms
Mageialibtiff0 (affected), 4.0.9-1.1.mga6 (unaffected), 0 (affected), 4.0.9-1.1.mga6 (unaffected)
Mageialibtiff0 (affected), 4.0.9-1.1.mga5 (unaffected), 0 (affected), 4.0.9-1.1.mga5 (unaffected)
Mageiaperl-Finance-Quote1.470.0-1.mga6 (unaffected), 0 (affected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›