Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2016:1547
HistoryAug 02, 2016 - 2:27 p.m.

(RHSA-2016:1547) Important: libtiff security update

2016-08-0214:27:54
access.redhat.com
36

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.057 Low

EPSS

Percentile

92.6%

JSON

The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files.

Security Fix(es):

  • Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. (CVE-2014-9655, CVE-2015-1547, CVE-2015-8784, CVE-2015-8683, CVE-2015-8665, CVE-2015-8781, CVE-2015-8782, CVE-2015-8783, CVE-2016-3990, CVE-2016-5320)

  • Multiple flaws have been discovered in various libtiff tools (bmp2tiff, pal2rgb, thumbnail, tiff2bw, tiff2pdf, tiffcrop, tiffdither, tiffsplit, tiff2rgba). By tricking a user into processing a specially crafted file, a remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code with the privileges of the user running the libtiff tool. (CVE-2014-8127, CVE-2014-8129, CVE-2014-8130, CVE-2014-9330, CVE-2015-7554, CVE-2015-8668, CVE-2016-3632, CVE-2016-3945, CVE-2016-3991)

OSVersionArchitecturePackageVersionFilename
RedHat6i686libtiff-devel< 3.9.4-18.el6_8libtiff-devel-3.9.4-18.el6_8.i686.rpm
RedHat6ppc64libtiff-devel< 3.9.4-18.el6_8libtiff-devel-3.9.4-18.el6_8.ppc64.rpm
RedHat6x86_64libtiff-devel< 3.9.4-18.el6_8libtiff-devel-3.9.4-18.el6_8.x86_64.rpm
RedHat6s390libtiff-devel< 3.9.4-18.el6_8libtiff-devel-3.9.4-18.el6_8.s390.rpm
RedHat6s390xlibtiff-devel< 3.9.4-18.el6_8libtiff-devel-3.9.4-18.el6_8.s390x.rpm
RedHat6ppclibtiff-debuginfo< 3.9.4-18.el6_8libtiff-debuginfo-3.9.4-18.el6_8.ppc.rpm
RedHat6x86_64libtiff-debuginfo< 3.9.4-18.el6_8libtiff-debuginfo-3.9.4-18.el6_8.x86_64.rpm
RedHat6x86_64libtiff-static< 3.9.4-18.el6_8libtiff-static-3.9.4-18.el6_8.x86_64.rpm
RedHat6ppc64libtiff-debuginfo< 3.9.4-18.el6_8libtiff-debuginfo-3.9.4-18.el6_8.ppc64.rpm
RedHat6s390xlibtiff-static< 3.9.4-18.el6_8libtiff-static-3.9.4-18.el6_8.s390x.rpm
Rows per page:
1-10 of 231

Related

openvas 26
nessus 54
ibm 3
centos 2
redhat 1
oraclelinux 2
amazon 3
f5 7
debian 8
cloudfoundry 1
ubuntu 4
securityvulns 3
osv 6
mageia 3
ubuntucve 15
prion 13
debiancve 13
cve 14
fedora 4
gentoo 1
altlinux 1
veracode 13
freebsd 1
alpinelinux 1
openvas
openvas
RedHat Update for libtiff RHSA-2016:1547-01
2016-08-04 00:00:00
Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2016-1034)
2020-01-23 00:00:00
CentOS Update for libtiff CESA-2016:1547 centos6
2016-08-08 00:00:00
nessus
nessus
RHEL 6 : libtiff (RHSA-2016:1547)
2016-08-03 00:00:00
Oracle Linux 7 : libtiff (ELSA-2016-1546)
2016-08-03 00:00:00
CentOS 6 : libtiff (CESA-2016:1547)
2016-08-03 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in libtiff affect PowerKVM
2018-06-18 01:33:05
Security Bulletin: Libtiff vulnerabilities affect IBM SmartClound Entry
2020-07-19 00:49:12
Security Bulletin: Multiple vulnerabilities in tiff affect IBM Flex System Manager(FSM)
2018-06-18 01:32:21
centos
centos
libtiff security update
2016-08-02 21:57:58
libtiff security update
2016-08-02 15:06:00
redhat
redhat
(RHSA-2016:1546) Important: libtiff security update
2016-08-02 14:26:49
oraclelinux
oraclelinux
libtiff security update
2016-08-02 00:00:00
libtiff security update
2016-08-02 00:00:00
amazon
amazon
Important: libtiff
2016-08-17 13:30:00
Important: compat-libtiff3
2016-08-17 13:30:00
Medium: libtiff
2015-06-22 15:07:00
f5
f5
SOL35155453 - Multiple LibTIFF vulnerabilities
2016-11-08 00:00:00
K35155453 : Multiple LibTIFF vulnerabilities
2016-11-08 00:00:00
K89096577 : LibTIFF vulnerabilities CVE-2016-5314 and CVE-2015-8784
2016-11-08 00:00:00
debian
debian
[SECURITY] [DSA 3467-1] tiff security update
2016-02-06 07:39:28
[SECURITY] [DSA 3467-1] tiff security update
2016-02-06 07:39:28
[SECURITY] [DLA 405-1] tiff security update
2016-01-30 13:24:07
cloudfoundry
cloudfoundry
USN-2939-1 LibTIFF vulnerabilities | Cloud Foundry
2016-03-24 00:00:00
ubuntu
ubuntu
LibTIFF vulnerabilities
2016-03-23 00:00:00
LibTIFF vulnerabilities
2015-03-31 00:00:00
LibTIFF regression
2015-04-01 00:00:00
securityvulns
securityvulns
LibTIFF multiple security vulnerabilities
2015-04-13 00:00:00
[USN-2553-1] LibTIFF vulnerabilities
2015-04-09 00:00:00
[ MDVSA-2015:147-1 ] libtiff
2015-04-13 00:00:00
osv
osv
tiff - security update
2016-01-30 00:00:00
tiff - security update
2015-05-25 00:00:00
tiff - security update
2015-05-16 00:00:00
mageia
mageia
Updated libtiff packages fix security vulnerabilities
2015-03-23 00:42:09
Updated libtiff package fixes security vulnerabilities
2016-01-14 04:44:39
The updated packages fix libtiff security vulnerabilities
2016-10-21 01:35:16
ubuntucve
ubuntucve
CVE-2015-8683
2015-12-31 00:00:00
CVE-2015-8783
2016-02-01 00:00:00
CVE-2015-8782
2016-02-01 00:00:00
prion
prion
Out-of-bounds
2016-02-01 21:59:00
Out-of-bounds
2016-02-01 21:59:00
Code injection
2016-01-08 19:59:00
debiancve
debiancve
CVE-2015-8781
2016-02-01 21:59:00
CVE-2015-8782
2016-02-01 21:59:00
CVE-2015-8784
2016-04-13 17:59:00
cve
cve
CVE-2015-8781
2016-02-01 21:59:00
CVE-2015-8782
2016-02-01 21:59:00
CVE-2015-8665
2016-04-13 17:59:00
fedora
fedora
[SECURITY] Fedora 21 Update: mingw-libtiff-4.0.3-6.fc21
2015-05-04 15:24:27
[SECURITY] Fedora 22 Update: libtiff-4.0.3-20.fc22
2015-06-02 15:14:07
[SECURITY] Fedora 21 Update: libtiff-4.0.3-20.fc21
2015-05-30 15:55:39
gentoo
gentoo
libTIFF: Multiple vulnerabilities
2017-01-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package libtiff version 4.0.10.0.57.f9fc01c3-alt1
2019-04-09 00:00:00
veracode
veracode
Invalid Write
2018-05-23 06:23:51
Denial Of Service (DoS)
2018-08-01 06:37:08
Denial Of Service (DoS)
2019-05-02 05:45:56
freebsd
freebsd
tiff -- out-of-bounds read in tif_getimage.c
2015-12-24 00:00:00
alpinelinux
alpinelinux
CVE-2014-8127
2017-06-26 15:29:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.057 Low

EPSS

Percentile

92.6%

JSON
Related for RHSA-2016:1547
openvas26nessus54ibm3centos2redhat1oraclelinux2amazon3f57debian8cloudfoundry1ubuntu4securityvulns3osv6mageia3ubuntucve15prion13debiancve13cve14fedora4gentoo1altlinux1veracode13freebsd1alpinelinux1