|
|
Subscribe / Log in / New account

libtiff: multiple vulnerabilities

Package(s):libtiff CVE #(s):CVE-2015-8668 CVE-2016-3632 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991
Created:August 3, 2016 Updated:August 3, 2016
Description: From the Red Hat advisory:

Multiple flaws have been discovered in various libtiff tools (bmp2tiff, pal2rgb, thumbnail, tiff2bw, tiff2pdf, tiffcrop, tiffdither, tiffsplit, tiff2rgba). By tricking a user into processing a specially crafted file, a remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code with the privileges of the user running the libtiff tool. (CVE-2014-8127, CVE-2014-8129, CVE-2014-8130, CVE-2014-9330, CVE-2015-7554, CVE-2015-8668, CVE-2016-3632, CVE-2016-3945, CVE-2016-3991)

Alerts:
Debian-LTS DLA-693-1 tiff 2016-11-02
Mageia MGASA-2016-0349 libtiff 2016-10-21
openSUSE openSUSE-SU-2016:2525-1 tiff 2016-10-13
openSUSE openSUSE-SU-2016:2375-1 tiff 2016-09-25
openSUSE openSUSE-SU-2016:2275-1 tiff 2016-09-09
Debian-LTS DLA-610-1 tiff3 2016-09-05
Debian-LTS DLA-606-1 tiff 2016-08-31
Scientific Linux SLSA-2016:1546-1 libtiff 2016-08-03
Scientific Linux SLSA-2016:1547-1 libtiff 2016-08-02
Oracle ELSA-2016-1547 libtiff 2016-08-02
Oracle ELSA-2016-1546 libtiff 2016-08-02
CentOS CESA-2016:1547 libtiff 2016-08-02
CentOS CESA-2016:1546 libtiff 2016-08-02
Red Hat RHSA-2016:1547-01 libtiff 2016-08-02
Red Hat RHSA-2016:1546-01 libtiff 2016-08-02
Debian-LTS DLA-795-1 tiff 2017-01-23
Debian DSA-3762-1 tiff 2017-01-13
Gentoo 201701-16 tiff 2017-01-09
Arch Linux ASA-201611-26 libtiff 2016-11-25
Arch Linux ASA-201611-27 lib32-libtiff 2016-11-25
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds