Bug #6734

Bug #6732: tiff: Heap-buffer overflow in tools/tiffcp via crafted BitsPerSample value (CVE-2017-5225)

[3.5] tiff: Heap-buffer overflow in tools/tiffcp via crafted BitsPerSample value (CVE-2017-5225)

Added by Alicha CH about 2 years ago. Updated about 2 years ago.

Status: Closed
Priority: Normal
Assignee: -
Category: Security
Target version:
Start date: 01/25/2017
Due date:
% Done: 100%
Estimated time:
Affected versions:
Security IDs:

Description

LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in tools/tiffcp, resulting in DoS or code execution via a crafted BitsPerSample value.

References:

http://bugzilla.maptools.org/show_bug.cgi?id=2656
http://bugzilla.maptools.org/show_bug.cgi?id=2657

Patch:

https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7

Associated revisions

Revision 11139bb7
Added by Sergei Lukin about 2 years ago

main/tiff: security fixes #6734

CVE-2017-5225: Heap-buffer overflow in tools/tiffcp via crafted BitsPerSample value

History

#1 Updated by Sergei Lukin about 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#2 Updated by Alicha CH about 2 years ago

  • Category set to Security
  • Status changed from Resolved to Closed
