ID CVE-2016-5320
Summary ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
References
Vulnerable Configurations
CVSS
Base: 5.0
Impact:
Exploitability:
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
redhat via4
advisories
  • bugzilla
    id 1346687
    title CVE-2016-5320 libtiff: Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment libtiff is earlier than 0:4.0.3-25.el7_2
          oval oval:com.redhat.rhsa:tst:20161546011
        • comment libtiff is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110318011
      • AND
        • comment libtiff-devel is earlier than 0:4.0.3-25.el7_2
          oval oval:com.redhat.rhsa:tst:20161546007
        • comment libtiff-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110318015
      • AND
        • comment libtiff-static is earlier than 0:4.0.3-25.el7_2
          oval oval:com.redhat.rhsa:tst:20161546009
        • comment libtiff-static is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110318013
      • AND
        • comment libtiff-tools is earlier than 0:4.0.3-25.el7_2
          oval oval:com.redhat.rhsa:tst:20161546005
        • comment libtiff-tools is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20161546006
    rhsa
    id RHSA-2016:1546
    released 2016-08-02
    severity Important
    title RHSA-2016:1546: libtiff security update (Important)
  • bugzilla
    id 1346687
    title CVE-2016-5320 libtiff: Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment libtiff is earlier than 0:3.9.4-18.el6_8
          oval oval:com.redhat.rhsa:tst:20161547007
        • comment libtiff is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110318011
      • AND
        • comment libtiff-devel is earlier than 0:3.9.4-18.el6_8
          oval oval:com.redhat.rhsa:tst:20161547005
        • comment libtiff-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110318015
      • AND
        • comment libtiff-static is earlier than 0:3.9.4-18.el6_8
          oval oval:com.redhat.rhsa:tst:20161547009
        • comment libtiff-static is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110318013
    rhsa
    id RHSA-2016:1547
    released 2016-08-02
    severity Important
    title RHSA-2016:1547: libtiff security update (Important)
rpms
  • libtiff-0:4.0.3-25.el7_2
  • libtiff-devel-0:4.0.3-25.el7_2
  • libtiff-static-0:4.0.3-25.el7_2
  • libtiff-tools-0:4.0.3-25.el7_2
  • libtiff-0:3.9.4-18.el6_8
  • libtiff-devel-0:3.9.4-18.el6_8
  • libtiff-static-0:3.9.4-18.el6_8
Last major update 12-03-2018 - 02:29
Published 12-03-2018 - 02:29
Back to Top