Vulnerability & Exploit Database

Back to search

Amazon Linux AMI: CVE-2014-9330: Security patch for libtiff (ALAS-2016-733)

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:N/I:N/A:P) January 19, 2015 August 21, 2016 November 03, 2017

Description

Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) via crafted BMP image, related to dimensions, which triggers an out-of-bounds read.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

amazon-linux-upgrade-libtiff

Related Vulnerabilities