RHEL 7 : compat-libtiff3 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libtiff: PixarLogDecode Heap Buffer Overflow CVE-2016-5875 Note that Nessus has not tested for this issue but has...

SUSE: Security Advisory (SUSE-SU-2016:2527-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-5875

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to...

CVE-2016-5875

...

CVE-2016-5875

CVE-2016-5314 describes a buffer overflow in the PixarLogDecode function (tif_pixarlog.c) of LibTIFF 4.0.6 and earlier, allowing remote attackers to trigger a denial of service or potentially other impact via a crafted TIFF image (demonstrated by overwriting the vgetparent pointer with rgb2ycbcr)...

LibTIFF PixarLogDecode Remote Code Execution Vulnerability(CVE-2016-5875)

Summary An exploitable heap based buffer overflow exists in the handling of compressed TIFF images in LibTIFF's PixarLogDecode api. A crafted TIFF document can lead to a heap based buffer overflow resulting in remote code execution. The vulnerability can be triggered through any user controlled...

[slackware-security] libtiff

New libtiff packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libtiff-4.0.7-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more information, see:...

[SECURITY] [DSA 3762-1] tiff security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3762-1 [email protected] https://www.debian.org/security/ Laszlo Boszormenyi GCS January 13, 2017 https://www.debian.org/security/faq -...

SUSE SLED12 / SLES12 Security Update : tiff (SUSE-SU-2016:3301-1)

The tiff library and tools were updated to version 4.0.7 fixing various bug and security issues. - CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools bnc914890 - CVE-2016-9297: tifdirread.c read outside buffer in TIFFPrintField bnc1010161 - CVE-2016-3658: Illegal read i...

CVE-2016-5875

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

openSUSE Security Update : tiff (openSUSE-2016-1122)

This update for tiff fixes the following issues : - CVE-2015-8781, CVE-2015-8782, CVE-2015-8783: Out-of-bounds writes for invalid images bsc964225 - CVE-2016-3186: Buffer overflow in gif2tiff bnc973340. - CVE-2016-5875: heap-based buffer overflow when using the PixarLog compressionformat bsc98735...

SUSE SLED12 / SLES12 Security Update : tiff (SUSE-SU-2016:2271-1)

This update for tiff fixes the following issues : - CVE-2015-8781, CVE-2015-8782, CVE-2015-8783: Out-of-bounds writes for invalid images bsc964225 - CVE-2016-3186: Buffer overflow in gif2tiff bnc973340. - CVE-2016-5875: heap-based buffer overflow when using the PixarLog compressionformat bsc98735...

[SECURITY] [DLA 606-1] tiff security update

Package : tiff Version : 4.0.2-6+deb7u6 CVE ID : CVE-2016-3991 CVE-2016-5314 CVE-2016-5315 CVE-2016-5316 CVE-2016-5317 CVE-2016-5320 CVE-2016-5321 CVE-2016-5322 CVE-2016-5323 CVE-2016-5875 Several vulnerabilities were found in the tiff library, potentially causing denial of services to applicatio...

openSUSE Security Update : tiff (openSUSE-2016-911)

This update for tiff fixes the following issues : Security issues fixed : - CVE-2016-5314: Fixed an out-of-bounds write in PixarLogDecode function boo984831 - CVE-2016-5316: Fixed an out-of-bounds read in PixarLogCleanup function in tifpixarlog.c boo984837 - CVE-2016-5317: Fixed an out-of-bounds...

FreeBSD : tiff -- buffer overflow (0ab66088-4aa5-11e6-a7bd-14dae9d210b8)

Mathias Svensson reports : potential buffer write overrun in PixarLogDecode on corrupted/unexpected images %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidri...