CVE-2014-8129 - LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly

CVE-2014-8129

Summary

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.

References

Vulnerable Configurations

cpe:2.3:a:libtiff:libtiff:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.3:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.1:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.9.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.3:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.10.2:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:iphone:*
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:iphone:*
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:ipad2:*
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:ipad2:*
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:ipodtouch:*
cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:ipodtouch:*

CVSS

Base:	6.8 (as of 13-02-2023 - 00:43)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

redhat via4

advisories

rhsa
id RHSA-2016:1546
rhsa
id RHSA-2016:1547

rpms

libtiff-0:4.0.3-25.el7_2
libtiff-debuginfo-0:4.0.3-25.el7_2
libtiff-devel-0:4.0.3-25.el7_2
libtiff-static-0:4.0.3-25.el7_2
libtiff-tools-0:4.0.3-25.el7_2
libtiff-0:3.9.4-18.el6_8
libtiff-debuginfo-0:3.9.4-18.el6_8
libtiff-devel-0:3.9.4-18.el6_8
libtiff-static-0:3.9.4-18.el6_8

refmap via4

apple	APPLE-SA-2015-06-30-1 APPLE-SA-2015-06-30-2
bid	72352
confirm	http://support.apple.com/kb/HT204941 http://support.apple.com/kb/HT204942 https://bugzilla.redhat.com/show_bug.cgi?id=1185815
debian	DSA-3273
gentoo	GLSA-201701-16
misc	http://bugzilla.maptools.org/show_bug.cgi?id=2487 http://bugzilla.maptools.org/show_bug.cgi?id=2488 http://www.conostix.com/pub/adv/CVE-2014-8129-LibTIFF-Out-of-bounds_Reads_and_Writes.txt
mlist	[oss-security] 20150124 Multiple vulnerabilities in LibTIFF and associated tools
sectrack	1032760

Last major update

13-02-2023 - 00:43

Published

12-03-2018 - 02:29

Last modified

13-02-2023 - 00:43