vulnerability

Huawei EulerOS: CVE-2015-8870: libtiff security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:N/C:P/I:N/A:P)	Dec 6, 2016	Nov 30, 2017	Aug 13, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:P)

Published

Dec 6, 2016

Added

Nov 30, 2017

Modified

Aug 13, 2025

Description

Multiple flaws have been discovered in various libtiff tools (tiff2pdf, tiffcrop, tiffcp, bmp2tiff). By tricking a user into processing a specially crafted file, a remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code with the privileges of the user running the libtiff tool.

Solutions

huawei-euleros-2_0_sp2-upgrade-libtiffhuawei-euleros-2_0_sp2-upgrade-libtiff-devel

References

CVE-2015-8870
https://attackerkb.com/topics/CVE-2015-8870
CWE-190
CWE-20
EULEROS-EulerOS-SA-2017-1020

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today