MiracleLinux 7 : libtiff-4.0.3-35.el7 (AXSA:2020-553:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-553:02 advisory. libtiff: integer overflow in TIFFCheckMalloc and TIFFCheckRealloc in tifaux.c CVE-2019-14973 libtiff: integer overflow leading to heap-based buffer...

Medium: libtiff

Issue Overview: TIFFCheckMalloc and TIFFCheckRealloc in tifaux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash. CVE-2019-14973 tifgetimage.c in...

libtiff: integer overflow in _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c

TIFFCheckMalloc and TIFFCheckRealloc in tifaux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash...

Integer Overflow

libtiff.so is vulnerable to denial of service DoS. The attack is possible because TIFFCheckMalloc and TIFFCheckRealloc in tifaux.c do not safely detect overflows in the multiplication of nmemb and elemsize, causing an application crash...

DEBIAN-CVE-2019-14973

TIFFCheckMalloc and TIFFCheckRealloc in tifaux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash...

CVE-2019-14973

TIFFCheckMalloc and TIFFCheckRealloc in tifaux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash...