ID CVE-2016-5320
Summary ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
References
Vulnerable Configurations
CVSS
Base: 5.0
Impact:
Exploitability:
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
redhat via4
advisories
  • bugzilla
    id 1346687
    title CVE-2016-5320 libtiff: Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment libtiff is earlier than 0:4.0.3-25.el7_2
            oval oval:com.redhat.rhsa:tst:20161546001
          • comment libtiff is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110318007
        • AND
          • comment libtiff-devel is earlier than 0:4.0.3-25.el7_2
            oval oval:com.redhat.rhsa:tst:20161546003
          • comment libtiff-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110318009
        • AND
          • comment libtiff-static is earlier than 0:4.0.3-25.el7_2
            oval oval:com.redhat.rhsa:tst:20161546005
          • comment libtiff-static is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110318011
        • AND
          • comment libtiff-tools is earlier than 0:4.0.3-25.el7_2
            oval oval:com.redhat.rhsa:tst:20161546007
          • comment libtiff-tools is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20161546008
    rhsa
    id RHSA-2016:1546
    released 2016-08-02
    severity Important
    title RHSA-2016:1546: libtiff security update (Important)
  • bugzilla
    id 1346687
    title CVE-2016-5320 libtiff: Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment libtiff is earlier than 0:3.9.4-18.el6_8
            oval oval:com.redhat.rhsa:tst:20161547001
          • comment libtiff is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110318007
        • AND
          • comment libtiff-devel is earlier than 0:3.9.4-18.el6_8
            oval oval:com.redhat.rhsa:tst:20161547003
          • comment libtiff-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110318009
        • AND
          • comment libtiff-static is earlier than 0:3.9.4-18.el6_8
            oval oval:com.redhat.rhsa:tst:20161547005
          • comment libtiff-static is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20110318011
    rhsa
    id RHSA-2016:1547
    released 2016-08-02
    severity Important
    title RHSA-2016:1547: libtiff security update (Important)
rpms
  • libtiff-0:4.0.3-25.el7_2
  • libtiff-debuginfo-0:4.0.3-25.el7_2
  • libtiff-devel-0:4.0.3-25.el7_2
  • libtiff-static-0:4.0.3-25.el7_2
  • libtiff-tools-0:4.0.3-25.el7_2
  • libtiff-0:3.9.4-18.el6_8
  • libtiff-debuginfo-0:3.9.4-18.el6_8
  • libtiff-devel-0:3.9.4-18.el6_8
  • libtiff-static-0:3.9.4-18.el6_8
Last major update 12-03-2018 - 02:29
Published 12-03-2018 - 02:29
Last modified 12-03-2018 - 02:29
Back to Top