oss-sec mailing list archives
Re: libtiff: stack-based buffer overflow in _TIFFVGetField (tif_dir.c)
From: <cve-assign () mitre org>
Date: Sun, 1 Jan 2017 12:52:56 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
https://blogs.gentoo.org/ago/2017/01/01/libtiff-stack-based-buffer-overflow-in-_tiffvgetfield-tif_dir-c
tiffsplit AddressSanitizer: stack-buffer-overflow ... WRITE of size 4 at tiff-4.0.7/libtiff/tif_dir.c:1077:29
http://bugzilla.maptools.org/show_bug.cgi?id=2625 Reported: 2016-12-04
Use CVE-2016-10095. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYaUD7AAoJEHb/MwWLVhi2MEUP/3BmH0gq++MW96w7r1FJgdmw +LDl1nEAQfZwiCRVP5G6iL0Egguw8VW2LlYK4YLmnorh8wYWf5mYJQDOI+44f+sK oxO1uu2lv/IfePRqgMdWIoJFvuv7QzfplbXSQkH0oW8fCdo7FZ5dbEy3KzWlrFeU dGWFx3ypXQ08VvddLssLuG4yLvw4KRI5nYfxkxMNY9N2wFzooVMm64m/bz4T9ZRJ DvNMsIU6Yspk2Gv5NLVv4+isqWOTkOgRcuh4Gh8j9Rdni46pnjCEF6Bc1tDI+zmV 8XnUDURVfRDgXUR2X63/bKbRzTFfkY6lHECAOJ0mAc3fx105Pf6qfy1KvqSSxhi5 4VV9OaK3Nh/8QAdkalL1MoZZ4qCvmxoevxRIYN3pINx6qlHssYj52tNvaszumq6t X7rDfdgKYxQf+uegYFiiEigTu7+UV8tEsRyx/kBfHiZqfkyXMw4eIAEJEJekC6y4 6RFnaC37VbhCScfHevmrEH8MW2IbVd6zfu3Taayp2WvJmMT0QQ+dXPY3TUgtZXdR um0XCOgbrbMTWMVuR7huDzrzMnvkEUMvJtUlNZw+tx0gZerm4hxzrMiyKFhr2Bkj 8WLRWmgmaDWfeeeMzIZH+cbjI7z/7Mr/5dr2PPc9gXqwVJHpQc1sGjLSO2c4I5pT bjm1p3FJdbBJi+DMt82Y =2Tt2 -----END PGP SIGNATURE-----
Current thread:
- libtiff: stack-based buffer overflow in _TIFFVGetField (tif_dir.c) Agostino Sarubbo (Jan 01)
- Re: libtiff: stack-based buffer overflow in _TIFFVGetField (tif_dir.c) cve-assign (Jan 01)