The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726. (CVE-2018-10963) In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps. (CVE-2018-8905)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | libtiff | <Â 4.0.9-1.5 | libtiff-4.0.9-1.5.mga5 |
Mageia | 6 | noarch | libtiff | <Â 4.0.9-1.5 | libtiff-4.0.9-1.5.mga6 |