Denial of Service Vulnerability in LibTiff Affecting Multiple Vendors
CVE-2016-9448

7.5HIGH

Key Information:

Vendor

Libtiff

Status
Libtiff
Opensuse
Vendor
CVE Published:
27 January 2017

What is CVE-2016-9448?

The TIFFFetchNormalTag function in LibTiff version 4.0.6 is vulnerable to a denial of service caused by a NULL pointer dereference, resulting in a program crash. This vulnerability arises when attackers manipulate the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII, prompting the function to access empty byte arrays. It is a regression of a previous issue, indicating a failure in properly addressing prior vulnerabilities, making systems relying on this library susceptible to exploitation.

References

http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE
https://security.gentoo.org/glsa/201701-16
vendor-advisoryx_refsource_GENTOO
http://www.securityfocus.com/bid/94420
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.