Back to search
CVE-2014-9655
Published: Apr 13, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2016:1547
vendor-advisory
x_refsource_REDHAT
GLSA-201701-16
vendor-advisory
x_refsource_GENTOO
DSA-3273
vendor-advisory
x_refsource_DEBIAN
RHSA-2016:1546
vendor-advisory
x_refsource_REDHAT
[oss-security] 20150207 Re: Multiple vulnerabilities in LibTIFF and associated tools
mailing-list
x_refsource_MLIST
DSA-3467
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now