Back to search
CVE-2016-5652
Published: Jan 6, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means.
| Vendor | Product | Versions |
|---|---|---|
LibTiff | LibTiff | affected 4.0.6 |
References
GLSA-201701-16
vendor-advisory
x_refsource_GENTOO
RHSA-2017:0225
vendor-advisory
x_refsource_REDHAT
DSA-3762
vendor-advisory
x_refsource_DEBIAN
http://www.talosintelligence.com/reports/TALOS-2016-0187/
x_refsource_MISC
93902
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now