Heap-based Buffer Overflow in LibTIFF's tiffcrop Tool
CVE-2016-3991

7.8HIGH

Key Information:

Vendor

Oracle
Status
Vm Server
Vendor
CVE Published:
21 September 2016

What is CVE-2016-3991?

A vulnerability exists in the loadImage function of the tiffcrop tool in LibTIFF versions 4.0.6 and earlier. This flaw allows remote attackers to exploit a crafted TIFF image that contains zero tiles. By doing so, they can trigger an out-of-bounds write, which may result in the application crashing or executing arbitrary code. This issue has significant implications for system security, particularly in environments where untrusted images are processed.

References

http://www.oracle.com/technetwork/topics/security/ovmbull...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/85996
vdb-entryx_refsource_BID
http://rhn.redhat.com/errata/RHSA-2016-1547.html
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.