vulnerability

SUSE: CVE-2017-11335: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Jul 17, 2017	May 10, 2018	May 10, 2018

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Jul 17, 2017

Added

May 10, 2018

Modified

May 10, 2018

Description

There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack.

Solution(s)

suse-upgrade-libtiff-develsuse-upgrade-libtiff-devel-32bitsuse-upgrade-libtiff3suse-upgrade-libtiff3-32bitsuse-upgrade-libtiff3-x86suse-upgrade-tiff

References

SUSE-SUSE-SU-2018:1179-1
UBUNTU-USN-3602-1
DEBIAN-DSA-4100
NVD-CVE-2017-11335

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today