CVE-2016-9535

critical
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."

References

http://rhn.redhat.com/errata/RHSA-2017-0225.html

http://www.debian.org/security/2017/dsa-3844

http://www.securityfocus.com/bid/94484

http://www.securityfocus.com/bid/94744

https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1

https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33

Details

Source: MITRE

Published: 2016-11-22

Updated: 2018-01-05

Type: CWE-119

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*

Tenable Plugins

View all (20 total)

IDNameProductFamilySeverity
110803SUSE SLES11 Security Update : tiff (SUSE-SU-2018:1835-1)NessusSuSE Local Security Checks
critical
105404F5 Networks BIG-IP : LibTIFF vulnerabilities (K34527393)NessusF5 Networks Local Security Checks
critical
101417Virtuozzo 7 : libtiff / libtiff-devel / libtiff-static / etc (VZLSA-2017-0225)NessusVirtuozzo Local Security Checks
critical
99973Debian DSA-3844-1 : tiff - security updateNessusDebian Local Security Checks
critical
99889EulerOS 2.0 SP1 : compat-libtiff3 (EulerOS-SA-2017-1044)NessusHuawei Local Security Checks
critical
99888EulerOS 2.0 SP2 : compat-libtiff3 (EulerOS-SA-2017-1043)NessusHuawei Local Security Checks
critical
99866EulerOS 2.0 SP2 : libtiff (EulerOS-SA-2017-1020)NessusHuawei Local Security Checks
critical
99865EulerOS 2.0 SP1 : libtiff (EulerOS-SA-2017-1019)NessusHuawei Local Security Checks
critical
99134macOS 10.12.x < 10.12.4 Multiple Vulnerabilities (httpoxy)NessusMacOS X Local Security Checks
critical
99107Debian DLA-880-1 : tiff3 security updateNessusDebian Local Security Checks
critical
97554Amazon Linux AMI : libtiff / compat-libtiff3 (ALAS-2017-802)NessusAmazon Linux Local Security Checks
critical
97434Ubuntu 14.04 LTS / 16.04 LTS / 16.10 : tiff vulnerabilities (USN-3212-1)NessusUbuntu Local Security Checks
critical
97035FreeBSD : tiff -- multiple vulnerabilities (fb74eacc-ec8a-11e6-bc8a-0011d823eebd)NessusFreeBSD Local Security Checks
critical
96974Scientific Linux Security Update : libtiff on SL6.x, SL7.x i386/x86_64 (20170201)NessusScientific Linux Local Security Checks
critical
96948RHEL 6 / 7 : libtiff (RHSA-2017:0225)NessusRed Hat Local Security Checks
critical
96947OracleVM 3.3 : libtiff (OVMSA-2017-0037)NessusOracleVM Local Security Checks
critical
96946OracleVM 3.4 : libtiff (OVMSA-2017-0036)NessusOracleVM Local Security Checks
critical
96945Oracle Linux 6 / 7 : libtiff (ELSA-2017-0225)NessusOracle Linux Local Security Checks
critical
96929CentOS 6 / 7 : libtiff (CESA-2017:0225)NessusCentOS Local Security Checks
critical
96704Debian DLA-795-1 : tiff security updateNessusDebian Local Security Checks
critical