Lucene search
Veracode Vulnerability DatabaseVERACODE:25216HistoryMay 10, 2020 - 11:20 p.m.
Denial Of Service (DoS)
2020-05-1023:20:53
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.001 Low
EPSS
Percentile
35.7%
tiff is vulnerable to denial of service (DoS). The vulnerability exists as a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used.
References
packetstormsecurity.com/files/150897/PCRE-8.41-Buffer-Overflow.html
seclists.org/fulldisclosure/2018/Dec/33
www.openwall.com/lists/oss-security/2017/11/01/11
www.openwall.com/lists/oss-security/2017/11/01/3
www.openwall.com/lists/oss-security/2017/11/01/7
www.openwall.com/lists/oss-security/2017/11/01/8
www.securityfocus.com/bid/101688
bugs.exim.org/show_bug.cgi?id=2047
Related
packetstorm
packetstorm
PCRE 8.41 Buffer Overflow
2018-12-21 00:00:00
ubuntucve
ubuntucve
CVE-2017-16231
2019-03-21 00:00:00
ibm
ibm
vulnrichment
vulnrichment
CVE-2017-16231
2019-03-17 16:24:52
cvelist
cvelist
CVE-2017-16231
2019-03-17 16:24:52
alpinelinux
alpinelinux
CVE-2017-16231
2019-03-21 15:59:56
cve
cve
CVE-2017-16231
2019-03-21 15:59:56
nvd
nvd
CVE-2017-16231
2019-03-21 15:59:56
debiancve
debiancve
CVE-2017-16231
2019-03-21 15:59:56
redhatcve
redhatcve
CVE-2017-16231
2019-04-16 13:20:19
prion
prion
Input validation
2019-03-21 15:59:00
photon
photon
Important Photon OS Security Update - PHSA-2020-0305
2020-06-25 00:00:00
Important Photon OS Security Update - PHSA-2020-0256
2020-06-27 00:00:00
avleonov
avleonov