Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
amazonAmazonALAS-2015-553
HistoryJun 22, 2015 - 3:07 p.m.

Medium: libtiff

2015-06-2215:07:00
alas.aws.amazon.com
11

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.057 Low

EPSS

Percentile

93.2%

JSON

Issue Overview:

Use of uninitialized memory was reported in in libtiff.

Affected Packages:

libtiff

Issue Correction:
Run yum update libtiff to update your system.

New Packages:

i686:  
    libtiff-4.0.3-20.20.amzn1.i686  
    libtiff-debuginfo-4.0.3-20.20.amzn1.i686  
    libtiff-devel-4.0.3-20.20.amzn1.i686  
    libtiff-static-4.0.3-20.20.amzn1.i686  
  
src:  
    libtiff-4.0.3-20.20.amzn1.src  
  
x86_64:  
    libtiff-debuginfo-4.0.3-20.20.amzn1.x86_64  
    libtiff-devel-4.0.3-20.20.amzn1.x86_64  
    libtiff-static-4.0.3-20.20.amzn1.x86_64  
    libtiff-4.0.3-20.20.amzn1.x86_64

Additional References

Red Hat: CVE-2014-9655, CVE-2015-1547

Mitre: CVE-2014-9655, CVE-2015-1547

Related

fedora 4
nessus 33
openvas 24
ubuntucve 2
prion 2
veracode 2
debiancve 2
cve 2
osv 2
f5 3
mageia 2
securityvulns 3
amazon 2
debian 3
ubuntu 2
ibm 2
centos 2
redhat 2
oraclelinux 2
gentoo 1
fedora
fedora
[SECURITY] Fedora 22 Update: libtiff-4.0.3-20.fc22
2015-06-02 15:14:07
[SECURITY] Fedora 21 Update: libtiff-4.0.3-20.fc21
2015-05-30 15:55:39
[SECURITY] Fedora 22 Update: mingw-libtiff-4.0.3-6.fc22
2015-05-01 16:38:10
nessus
nessus
Fedora 21 : mingw-libtiff-4.0.3-6.fc21 (2015-6903)
2015-05-05 00:00:00
Fedora 22 : libtiff-4.0.3-20.fc22 (2015-8620)
2015-06-03 00:00:00
Amazon Linux AMI : libtiff (ALAS-2015-553)
2015-06-25 00:00:00
openvas
openvas
Fedora Update for mingw-libtiff FEDORA-2015-6907
2015-07-07 00:00:00
Fedora Update for mingw-libtiff FEDORA-2015-6903
2015-05-05 00:00:00
Fedora Update for libtiff FEDORA-2015-8620
2015-07-07 00:00:00
ubuntucve
ubuntucve
CVE-2015-1547
2016-04-13 00:00:00
CVE-2014-9655
2015-02-07 00:00:00
prion
prion
Code injection
2016-04-13 17:59:00
Code injection
2016-04-13 17:59:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:45:56
Denial Of Service (DoS)
2019-05-02 05:45:56
debiancve
debiancve
CVE-2014-9655
2016-04-13 17:59:00
CVE-2015-1547
2016-04-13 17:59:00
cve
cve
CVE-2014-9655
2016-04-13 17:59:00
CVE-2015-1547
2016-04-13 17:59:00
osv
osv
tiff - security update
2015-05-16 00:00:00
tiff - security update
2015-05-25 00:00:00
f5
f5
K11220361 : LibTIFF vulnerability CVE-2015-1547
2017-09-13 00:00:00
K35155453 : Multiple LibTIFF vulnerabilities
2016-11-08 00:00:00
SOL35155453 - Multiple LibTIFF vulnerabilities
2016-11-08 00:00:00
mageia
mageia
Updated libtiff packages fix security vulnerabilities
2015-03-23 00:42:09
Updated libtiff package fixes security vulnerabilities
2016-01-14 04:44:39
securityvulns
securityvulns
[ MDVSA-2015:147-1 ] libtiff
2015-04-13 00:00:00
LibTIFF multiple security vulnerabilities
2015-04-13 00:00:00
[USN-2553-1] LibTIFF vulnerabilities
2015-04-09 00:00:00
amazon
amazon
Important: compat-libtiff3
2016-08-17 13:30:00
Important: libtiff
2016-08-17 13:30:00
debian
debian
[SECURITY] [DLA 221-1] tiff security update
2015-05-16 01:31:54
[SECURITY] [DSA 3273-1] tiff security update
2015-05-25 20:54:54
[SECURITY] [DLA 610-1] tiff3 security update
2016-09-04 22:04:45
ubuntu
ubuntu
LibTIFF vulnerabilities
2015-03-31 00:00:00
LibTIFF regression
2015-04-01 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in libtiff affect PowerKVM
2018-06-18 01:33:05
Security Bulletin: Libtiff vulnerabilities affect IBM SmartClound Entry
2020-07-19 00:49:12
centos
centos
libtiff security update
2016-08-02 21:57:58
libtiff security update
2016-08-02 15:06:00
redhat
redhat
(RHSA-2016:1547) Important: libtiff security update
2016-08-02 14:27:54
(RHSA-2016:1546) Important: libtiff security update
2016-08-02 14:26:49
oraclelinux
oraclelinux
libtiff security update
2016-08-02 00:00:00
libtiff security update
2016-08-02 00:00:00
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2017-01-09 00:00:00

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.057 Low

EPSS

Percentile

93.2%

JSON
Related for ALAS-2015-553
fedora4nessus33openvas24ubuntucve2prion2veracode2debiancve2cve2osv2f53mageia2securityvulns3amazon2debian3ubuntu2ibm2centos2redhat2oraclelinux2gentoo1