Back to search
CVE-2016-9448
Published: Jan 27, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
openSUSE-SU-2016:3035
vendor-advisory
x_refsource_SUSE
GLSA-201701-16
vendor-advisory
x_refsource_GENTOO
94420
vdb-entry
x_refsource_BID
[oss-security] 20161118 Re: CVE-2016-9297 LibTIFF regression
mailing-list
x_refsource_MLIST
http://bugzilla.maptools.org/show_bug.cgi?id=2593
x_refsource_MISC
DSA-3762
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now