ID CVE-2015-7313
Summary LibTIFF allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file.
References
Vulnerable Configurations
  • LibTIFF
    cpe:2.3:a:libtiff:libtiff
CVSS
Base: 4.3 (as of 17-03-2017 - 13:05)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
NASL family Gentoo Local Security Checks
NASL id GENTOO_GLSA-201701-16.NASL
description The remote host is affected by the vulnerability described in GLSA-201701-16 (libTIFF: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE identifier and bug reports referenced for details. Impact : A remote attacker could entice a user to process a specially crafted image file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Workaround : There is no known workaround at this time.
last seen 2019-02-21
modified 2017-01-10
plugin id 96373
published 2017-01-10
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=96373
title GLSA-201701-16 : libTIFF: Multiple vulnerabilities
refmap via4
bid 76843
confirm https://bugzilla.redhat.com/show_bug.cgi?id=1265998
gentoo GLSA-201701-16
mlist [oss-security] 20150921 DoS in libtiff
Last major update 20-03-2017 - 13:02
Published 17-03-2017 - 10:59
Back to Top