Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-5315 (GCVE-0-2016-5315)
Vulnerability from cvelistv5 – Published: 2017-03-07 15:00 – Updated: 2024-08-06 01:01
VLAI?
EPSS
Summary
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2016-06-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:01:00.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91204",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91204"
},
{
"name": "[oss-security] 20160615 CVE-2016-5315: libtiff 4.0.6 tif_dir.c: setByteArray() Read access violation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"name": "GLSA-201701-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"name": "DSA-3762",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-07T12:57:02.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "91204",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91204"
},
{
"name": "[oss-security] 20160615 CVE-2016-5315: libtiff 4.0.6 tif_dir.c: setByteArray() Read access violation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"name": "GLSA-201701-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"name": "DSA-3762",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3762"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91204",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91204"
},
{
"name": "[oss-security] 20160615 CVE-2016-5315: libtiff 4.0.6 tif_dir.c: setByteArray() Read access violation",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"name": "GLSA-201701-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"name": "DSA-3762",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3762"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5315",
"datePublished": "2017-03-07T15:00:00.000Z",
"dateReserved": "2016-06-06T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:01:00.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.0.6\", \"matchCriteriaId\": \"7DBB051D-E94D-4553-88A6-750BE80B7617\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n setByteArray en tif_dir.c en libtiff 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegaci\\u00f3n de servicio (lectura fuera de l\\u00edmites) a trav\\u00e9s de una imagen tiff manipulada.\"}]",
"id": "CVE-2016-5315",
"lastModified": "2024-11-21T02:54:05.157",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2017-03-07T15:59:00.283",
"references": "[{\"url\": \"http://www.debian.org/security/2017/dsa-3762\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/06/15/2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/91204\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1346694\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://security.gentoo.org/glsa/201701-16\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.debian.org/security/2017/dsa-3762\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/06/15/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/91204\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1346694\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://security.gentoo.org/glsa/201701-16\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-125\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-5315\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-03-07T15:59:00.283\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n setByteArray en tif_dir.c en libtiff 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites) a trav\u00e9s de una imagen tiff manipulada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.0.6\",\"matchCriteriaId\":\"7DBB051D-E94D-4553-88A6-750BE80B7617\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2017/dsa-3762\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/06/15/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/91204\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1346694\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.gentoo.org/glsa/201701-16\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.debian.org/security/2017/dsa-3762\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/06/15/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/91204\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1346694\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.gentoo.org/glsa/201701-16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
}
}
WID-SEC-W-2023-2409
Vulnerability from csaf_certbund - Published: 2016-06-14 22:00 - Updated: 2023-10-08 22:00Summary
libTIFF: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: libTIFF ist ein Softwarepaket für die Verarbeitung von Bilddateien in Tag Image File Format (TIFF).
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in libTIFF ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuführen oder um einen Denial of Service Zustand hervorzurufen.
Betroffene Betriebssysteme: - UNIX
- Linux
- Windows
In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um möglicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuführen. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ungültigen Lesezugriffen und divide-by-zero-Fehlern.
In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um möglicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuführen. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ungültigen Lesezugriffen und divide-by-zero-Fehlern.
In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um möglicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuführen. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ungültigen Lesezugriffen und divide-by-zero-Fehlern.
In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um möglicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuführen. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ungültigen Lesezugriffen und divide-by-zero-Fehlern.
In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um möglicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuführen. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ungültigen Lesezugriffen und divide-by-zero-Fehlern.
In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um möglicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuführen. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ungültigen Lesezugriffen und divide-by-zero-Fehlern.
In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um möglicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuführen. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ungültigen Lesezugriffen und divide-by-zero-Fehlern.
In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um möglicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuführen. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ungültigen Lesezugriffen und divide-by-zero-Fehlern.
References
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "libTIFF ist ein Softwarepaket f\u00fcr die Verarbeitung von Bilddateien in Tag Image File Format (TIFF).",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in libTIFF ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuf\u00fchren oder um einen Denial of Service Zustand hervorzurufen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2409 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2023-2409.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2409 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2409"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1855 vom 2023-10-06",
"url": "https://alas.aws.amazon.com/ALAS-2023-1855.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-2263 vom 2023-09-21",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2263.html"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/1"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/3"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/5"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/6"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/7"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/8"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/9"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2016:1546 vom 2016-08-03",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1546.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2016:1547 vom 2016-08-03",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1547.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:2271-1 vom 2016-09-10",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162271-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:2527-1 vom 2016-10-13",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162527-1.html"
},
{
"category": "external",
"summary": "F5 Security Advisory SOL89096577 vom 2016-11-08",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/89/sol89096577.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:3301-1 vom 2016-12-30",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20163301-1.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-3762 vom 2017-01-14",
"url": "https://www.debian.org/security/2017/dsa-3762"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3212-1 vom 2017-02-27",
"url": "http://www.ubuntu.com/usn/usn-3212-1/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3212-2 vom 2017-05-30",
"url": "http://www.ubuntu.com/usn/usn-3212-2/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3212-3 vom 2017-07-19",
"url": "http://www.ubuntu.com/usn/usn-3212-3/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3212-4 vom 2017-08-07",
"url": "http://www.ubuntu.com/usn/usn-3212-4/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1472-1 vom 2018-05-31",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181472-1.html"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA11023 vom 2020-07-08",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11023"
}
],
"source_lang": "en-US",
"title": "libTIFF: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-10-08T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:58:41.982+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2409",
"initial_release_date": "2016-06-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2016-06-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2016-06-14T22:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-06-14T22:00:00.000+00:00",
"number": "3",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-08-02T22:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2016-08-02T22:00:00.000+00:00",
"number": "5",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-08-02T22:00:00.000+00:00",
"number": "6",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-08-02T22:00:00.000+00:00",
"number": "7",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-09-11T22:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2016-10-13T22:00:00.000+00:00",
"number": "9",
"summary": "New remediations available"
},
{
"date": "2016-11-08T23:00:00.000+00:00",
"number": "10",
"summary": "New remediations available"
},
{
"date": "2016-11-08T23:00:00.000+00:00",
"number": "11",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-12-29T23:00:00.000+00:00",
"number": "12",
"summary": "New remediations available"
},
{
"date": "2017-01-15T23:00:00.000+00:00",
"number": "13",
"summary": "New remediations available"
},
{
"date": "2017-02-27T23:00:00.000+00:00",
"number": "14",
"summary": "New remediations available"
},
{
"date": "2017-05-30T22:00:00.000+00:00",
"number": "15",
"summary": "New remediations available"
},
{
"date": "2017-07-19T22:00:00.000+00:00",
"number": "16",
"summary": "New remediations available"
},
{
"date": "2017-08-07T22:00:00.000+00:00",
"number": "17",
"summary": "New remediations available"
},
{
"date": "2018-05-31T22:00:00.000+00:00",
"number": "18",
"summary": "New remediations available"
},
{
"date": "2020-07-08T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2023-09-20T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-08T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Amazon aufgenommen"
}
],
"status": "final",
"version": "21"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 WebAccelerator",
"product": {
"name": "F5 WebAccelerator",
"product_id": "T001723",
"product_identification_helper": {
"cpe": "cpe:/h:f5:big-ip_webaccelerator:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper Junos Space \u003c 20.1R1",
"product": {
"name": "Juniper Junos Space \u003c 20.1R1",
"product_id": "T016874",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:20.1r1"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"category": "product_name",
"name": "Open Source libTIFF \u003c= 4.0.6",
"product": {
"name": "Open Source libTIFF \u003c= 4.0.6",
"product_id": "T006693",
"product_identification_helper": {
"cpe": "cpe:/a:libtiff:libtiff:4.0.6"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-5314",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5314"
},
{
"cve": "CVE-2016-5315",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5315"
},
{
"cve": "CVE-2016-5316",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5316"
},
{
"cve": "CVE-2016-5317",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5317"
},
{
"cve": "CVE-2016-5320",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5320"
},
{
"cve": "CVE-2016-5321",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5321"
},
{
"cve": "CVE-2016-5322",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5322"
},
{
"cve": "CVE-2016-5323",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5323"
}
]
}
GSD-2016-5315
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-5315",
"description": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.",
"id": "GSD-2016-5315",
"references": [
"https://www.suse.com/security/cve/CVE-2016-5315.html",
"https://www.debian.org/security/2017/dsa-3762",
"https://ubuntu.com/security/CVE-2016-5315",
"https://advisories.mageia.org/CVE-2016-5315.html",
"https://security.archlinux.org/CVE-2016-5315"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-5315"
],
"details": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.",
"id": "GSD-2016-5315",
"modified": "2023-12-13T01:21:25.294535Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91204",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91204"
},
{
"name": "[oss-security] 20160615 CVE-2016-5315: libtiff 4.0.6 tif_dir.c: setByteArray() Read access violation",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"name": "GLSA-201701-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"name": "DSA-3762",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3762"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5315"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201701-16",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"name": "91204",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91204"
},
{
"name": "[oss-security] 20160615 CVE-2016-5315: libtiff 4.0.6 tif_dir.c: setByteArray() Read access violation",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"name": "DSA-3762",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3762"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2017-03-08T16:52Z",
"publishedDate": "2017-03-07T15:59Z"
}
}
}
FKIE_CVE-2016-5315
Vulnerability from fkie_nvd - Published: 2017-03-07 15:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.debian.org/security/2017/dsa-3762 | Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/06/15/2 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/91204 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1346694 | Issue Tracking, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://security.gentoo.org/glsa/201701-16 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3762 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/06/15/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/91204 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1346694 | Issue Tracking, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201701-16 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libtiff | libtiff | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBB051D-E94D-4553-88A6-750BE80B7617",
"versionEndIncluding": "4.0.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image."
},
{
"lang": "es",
"value": "La funci\u00f3n setByteArray en tif_dir.c en libtiff 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites) a trav\u00e9s de una imagen tiff manipulada."
}
],
"id": "CVE-2016-5315",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-07T15:59:00.283",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3762"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91204"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201701-16"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-7VX7-8M24-FQV4
Vulnerability from github – Published: 2022-05-17 02:56 – Updated: 2022-05-17 02:56
VLAI?
Details
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2016-5315"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-07T15:59:00Z",
"severity": "MODERATE"
},
"details": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.",
"id": "GHSA-7vx7-8m24-fqv4",
"modified": "2022-05-17T02:56:21Z",
"published": "2022-05-17T02:56:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5315"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3762"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/91204"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
CNVD-2016-04062
Vulnerability from cnvd - Published: 2016-06-17
VLAI Severity ?
Title
Silicon Graphics LibTiff拒绝服务漏洞(CNVD-2016-04062)
Description
Silicon Graphics LibTiff是美国Silicon Graphics公司的一个读写TIFF(标签图像文件格式)文件的库。该库包含一些处理TIFF文件的命令行工具。
Silicon Graphics LibTiff 4.0.6及之前版本的tif_dir.c文件中的‘setByteArray’函数中存在安全漏洞。允许攻击者借助特制的TIFF图像利用该漏洞造成拒绝服务(越边界读访问)。
Severity
中
Formal description
目前厂商暂未发布修复措施解决此安全问题,建议使用此软件的用户随时关注厂商主页或参考网址以获取解决办法: http://www.remotesensing.org/libtiff/
Reference
http://www.openwall.com/lists/oss-security/2016/06/15/2
Impacted products
| Name | Silicon Graphics, Inc. LibTiff <=4.0.6 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2016-5315"
}
},
"description": "Silicon Graphics LibTiff\u662f\u7f8e\u56fdSilicon Graphics\u516c\u53f8\u7684\u4e00\u4e2a\u8bfb\u5199TIFF\uff08\u6807\u7b7e\u56fe\u50cf\u6587\u4ef6\u683c\u5f0f\uff09\u6587\u4ef6\u7684\u5e93\u3002\u8be5\u5e93\u5305\u542b\u4e00\u4e9b\u5904\u7406TIFF\u6587\u4ef6\u7684\u547d\u4ee4\u884c\u5de5\u5177\u3002\r\n\r\nSilicon Graphics LibTiff 4.0.6\u53ca\u4e4b\u524d\u7248\u672c\u7684tif_dir.c\u6587\u4ef6\u4e2d\u7684\u2018setByteArray\u2019\u51fd\u6570\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u5141\u8bb8\u653b\u51fb\u8005\u501f\u52a9\u7279\u5236\u7684TIFF\u56fe\u50cf\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8d8a\u8fb9\u754c\u8bfb\u8bbf\u95ee\uff09\u3002",
"discovererName": "Kaixiang Zhang of the Cloud Security Team, Qihoo 360",
"formalWay": "\u76ee\u524d\u5382\u5546\u6682\u672a\u53d1\u5e03\u4fee\u590d\u63aa\u65bd\u89e3\u51b3\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u5efa\u8bae\u4f7f\u7528\u6b64\u8f6f\u4ef6\u7684\u7528\u6237\u968f\u65f6\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u6216\u53c2\u8003\u7f51\u5740\u4ee5\u83b7\u53d6\u89e3\u51b3\u529e\u6cd5\uff1a\r\nhttp://www.remotesensing.org/libtiff/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-04062",
"openTime": "2016-06-17",
"products": {
"product": "Silicon Graphics, Inc. LibTiff \u003c=4.0.6"
},
"referenceLink": "http://www.openwall.com/lists/oss-security/2016/06/15/2",
"serverity": "\u4e2d",
"submitTime": "2016-06-16",
"title": "Silicon Graphics LibTiff\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-04062\uff09"
}
SUSE-SU-2018:1472-1
Vulnerability from csaf_suse - Published: 2018-05-30 07:08 - Updated: 2018-05-30 07:08Summary
Security update for tiff
Severity
Moderate
Notes
Title of the patch: Security update for tiff
Description of the patch: This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2016-5315: The setByteArray function in tif_dir.c allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. (bsc#984809)
- CVE-2016-10267: LibTIFF allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. (bsc#1017694)
- CVE-2016-10269: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 512' and libtiff/tif_unix.c:340:2. (bsc#1031254)
- CVE-2016-10270: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 8' and libtiff/tif_read.c:523:22. (bsc#1031250)
- CVE-2017-18013: In LibTIFF, there was a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. (bsc#1074317)
- CVE-2017-7593: tif_read.c did not ensure that tif_rawdata is properly initialized, which might have allowed remote attackers to obtain sensitive information from process memory via a crafted image. (bsc#1033129)
- CVE-2017-7595: The JPEGSetupEncode function in tiff_jpeg.c allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. (bsc#1033127)
- CVE-2017-7596: LibTIFF had an 'outside the range of representable values of type float' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033126)
- CVE-2017-7597: tif_dirread.c had an 'outside the range of representable values of type float' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033120)
- CVE-2017-7599: LibTIFF had an 'outside the range of representable values of type short' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033113)
- CVE-2017-7600: LibTIFF had an 'outside the range of representable values of type unsigned char' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033112)
- CVE-2017-7601: LibTIFF had a 'shift exponent too large for 64-bit type long' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033111)
- CVE-2017-7602: LibTIFF had a signed integer overflow, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033109)
- Multiple divide by zero issues
- CVE-2016-5314: Buffer overflow in the PixarLogDecode function in tif_pixarlog.c allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. (bsc#987351 bsc#984808 bsc#984831)
Patchnames: sdksp4-tiff-13631,slessp4-tiff-13631
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.3 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tiff",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tiff fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2016-5315: The setByteArray function in tif_dir.c allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. (bsc#984809)\n- CVE-2016-10267: LibTIFF allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. (bsc#1017694)\n- CVE-2016-10269: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \u0027READ of size 512\u0027 and libtiff/tif_unix.c:340:2. (bsc#1031254)\n- CVE-2016-10270: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \u0027READ of size 8\u0027 and libtiff/tif_read.c:523:22. (bsc#1031250)\n- CVE-2017-18013: In LibTIFF, there was a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. (bsc#1074317)\n- CVE-2017-7593: tif_read.c did not ensure that tif_rawdata is properly initialized, which might have allowed remote attackers to obtain sensitive information from process memory via a crafted image. (bsc#1033129)\n- CVE-2017-7595: The JPEGSetupEncode function in tiff_jpeg.c allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. (bsc#1033127)\n- CVE-2017-7596: LibTIFF had an \u0027outside the range of representable values of type float\u0027 undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033126)\n- CVE-2017-7597: tif_dirread.c had an \u0027outside the range of representable values of type float\u0027 undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033120)\n- CVE-2017-7599: LibTIFF had an \u0027outside the range of representable values of type short\u0027 undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033113)\n- CVE-2017-7600: LibTIFF had an \u0027outside the range of representable values of type unsigned char\u0027 undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033112)\n- CVE-2017-7601: LibTIFF had a \u0027shift exponent too large for 64-bit type long\u0027 undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033111)\n- CVE-2017-7602: LibTIFF had a signed integer overflow, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033109)\n- Multiple divide by zero issues\n- CVE-2016-5314: Buffer overflow in the PixarLogDecode function in tif_pixarlog.c allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. (bsc#987351 bsc#984808 bsc#984831)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-tiff-13631,slessp4-tiff-13631",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1472-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1472-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181472-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1472-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/004101.html"
},
{
"category": "self",
"summary": "SUSE Bug 1017694",
"url": "https://bugzilla.suse.com/1017694"
},
{
"category": "self",
"summary": "SUSE Bug 1031250",
"url": "https://bugzilla.suse.com/1031250"
},
{
"category": "self",
"summary": "SUSE Bug 1031254",
"url": "https://bugzilla.suse.com/1031254"
},
{
"category": "self",
"summary": "SUSE Bug 1033109",
"url": "https://bugzilla.suse.com/1033109"
},
{
"category": "self",
"summary": "SUSE Bug 1033111",
"url": "https://bugzilla.suse.com/1033111"
},
{
"category": "self",
"summary": "SUSE Bug 1033112",
"url": "https://bugzilla.suse.com/1033112"
},
{
"category": "self",
"summary": "SUSE Bug 1033113",
"url": "https://bugzilla.suse.com/1033113"
},
{
"category": "self",
"summary": "SUSE Bug 1033120",
"url": "https://bugzilla.suse.com/1033120"
},
{
"category": "self",
"summary": "SUSE Bug 1033126",
"url": "https://bugzilla.suse.com/1033126"
},
{
"category": "self",
"summary": "SUSE Bug 1033127",
"url": "https://bugzilla.suse.com/1033127"
},
{
"category": "self",
"summary": "SUSE Bug 1033129",
"url": "https://bugzilla.suse.com/1033129"
},
{
"category": "self",
"summary": "SUSE Bug 1074317",
"url": "https://bugzilla.suse.com/1074317"
},
{
"category": "self",
"summary": "SUSE Bug 984808",
"url": "https://bugzilla.suse.com/984808"
},
{
"category": "self",
"summary": "SUSE Bug 984809",
"url": "https://bugzilla.suse.com/984809"
},
{
"category": "self",
"summary": "SUSE Bug 984831",
"url": "https://bugzilla.suse.com/984831"
},
{
"category": "self",
"summary": "SUSE Bug 987351",
"url": "https://bugzilla.suse.com/987351"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10267 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10269 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10270 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5314 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5314/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5315 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5315/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18013 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7593 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7595 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7596 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7597 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7599 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7599/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7600 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7601 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7602 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7602/"
}
],
"title": "Security update for tiff",
"tracking": {
"current_release_date": "2018-05-30T07:08:57Z",
"generator": {
"date": "2018-05-30T07:08:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1472-1",
"initial_release_date": "2018-05-30T07:08:57Z",
"revision_history": [
{
"date": "2018-05-30T07:08:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-3.8.2-141.169.6.1.i586",
"product": {
"name": "libtiff-devel-3.8.2-141.169.6.1.i586",
"product_id": "libtiff-devel-3.8.2-141.169.6.1.i586"
}
},
{
"category": "product_version",
"name": "libtiff3-3.8.2-141.169.6.1.i586",
"product": {
"name": "libtiff3-3.8.2-141.169.6.1.i586",
"product_id": "libtiff3-3.8.2-141.169.6.1.i586"
}
},
{
"category": "product_version",
"name": "tiff-3.8.2-141.169.6.1.i586",
"product": {
"name": "tiff-3.8.2-141.169.6.1.i586",
"product_id": "tiff-3.8.2-141.169.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-3.8.2-141.169.6.1.ia64",
"product": {
"name": "libtiff-devel-3.8.2-141.169.6.1.ia64",
"product_id": "libtiff-devel-3.8.2-141.169.6.1.ia64"
}
},
{
"category": "product_version",
"name": "libtiff3-3.8.2-141.169.6.1.ia64",
"product": {
"name": "libtiff3-3.8.2-141.169.6.1.ia64",
"product_id": "libtiff3-3.8.2-141.169.6.1.ia64"
}
},
{
"category": "product_version",
"name": "libtiff3-x86-3.8.2-141.169.6.1.ia64",
"product": {
"name": "libtiff3-x86-3.8.2-141.169.6.1.ia64",
"product_id": "libtiff3-x86-3.8.2-141.169.6.1.ia64"
}
},
{
"category": "product_version",
"name": "tiff-3.8.2-141.169.6.1.ia64",
"product": {
"name": "tiff-3.8.2-141.169.6.1.ia64",
"product_id": "tiff-3.8.2-141.169.6.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-3.8.2-141.169.6.1.ppc64",
"product": {
"name": "libtiff-devel-3.8.2-141.169.6.1.ppc64",
"product_id": "libtiff-devel-3.8.2-141.169.6.1.ppc64"
}
},
{
"category": "product_version",
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"product": {
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"product_id": "libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64"
}
},
{
"category": "product_version",
"name": "libtiff3-3.8.2-141.169.6.1.ppc64",
"product": {
"name": "libtiff3-3.8.2-141.169.6.1.ppc64",
"product_id": "libtiff3-3.8.2-141.169.6.1.ppc64"
}
},
{
"category": "product_version",
"name": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"product": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"product_id": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64"
}
},
{
"category": "product_version",
"name": "tiff-3.8.2-141.169.6.1.ppc64",
"product": {
"name": "tiff-3.8.2-141.169.6.1.ppc64",
"product_id": "tiff-3.8.2-141.169.6.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-3.8.2-141.169.6.1.s390x",
"product": {
"name": "libtiff-devel-3.8.2-141.169.6.1.s390x",
"product_id": "libtiff-devel-3.8.2-141.169.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"product": {
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"product_id": "libtiff-devel-32bit-3.8.2-141.169.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libtiff3-3.8.2-141.169.6.1.s390x",
"product": {
"name": "libtiff3-3.8.2-141.169.6.1.s390x",
"product_id": "libtiff3-3.8.2-141.169.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"product": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"product_id": "libtiff3-32bit-3.8.2-141.169.6.1.s390x"
}
},
{
"category": "product_version",
"name": "tiff-3.8.2-141.169.6.1.s390x",
"product": {
"name": "tiff-3.8.2-141.169.6.1.s390x",
"product_id": "tiff-3.8.2-141.169.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-3.8.2-141.169.6.1.x86_64",
"product": {
"name": "libtiff-devel-3.8.2-141.169.6.1.x86_64",
"product_id": "libtiff-devel-3.8.2-141.169.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64",
"product": {
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64",
"product_id": "libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libtiff3-3.8.2-141.169.6.1.x86_64",
"product": {
"name": "libtiff3-3.8.2-141.169.6.1.x86_64",
"product_id": "libtiff3-3.8.2-141.169.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"product": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"product_id": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "tiff-3.8.2-141.169.6.1.x86_64",
"product": {
"name": "tiff-3.8.2-141.169.6.1.x86_64",
"product_id": "tiff-3.8.2-141.169.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-3.8.2-141.169.6.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586"
},
"product_reference": "libtiff-devel-3.8.2-141.169.6.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64"
},
"product_reference": "libtiff-devel-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "libtiff-devel-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x"
},
"product_reference": "libtiff-devel-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "libtiff-devel-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x"
},
"product_reference": "libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x"
},
"product_reference": "libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-x86-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64"
},
"product_reference": "libtiff3-x86-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586"
},
"product_reference": "tiff-3.8.2-141.169.6.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64"
},
"product_reference": "tiff-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "tiff-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x"
},
"product_reference": "tiff-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "tiff-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x"
},
"product_reference": "libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-x86-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64"
},
"product_reference": "libtiff3-x86-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586"
},
"product_reference": "tiff-3.8.2-141.169.6.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64"
},
"product_reference": "tiff-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "tiff-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x"
},
"product_reference": "tiff-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "tiff-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10267"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10267",
"url": "https://www.suse.com/security/cve/CVE-2016-10267"
},
{
"category": "external",
"summary": "SUSE Bug 1017694 for CVE-2016-10267",
"url": "https://bugzilla.suse.com/1017694"
},
{
"category": "external",
"summary": "SUSE Bug 1031262 for CVE-2016-10267",
"url": "https://bugzilla.suse.com/1031262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2016-10267"
},
{
"cve": "CVE-2016-10269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10269"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 512\" and libtiff/tif_unix.c:340:2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10269",
"url": "https://www.suse.com/security/cve/CVE-2016-10269"
},
{
"category": "external",
"summary": "SUSE Bug 1017693 for CVE-2016-10269",
"url": "https://bugzilla.suse.com/1017693"
},
{
"category": "external",
"summary": "SUSE Bug 1031254 for CVE-2016-10269",
"url": "https://bugzilla.suse.com/1031254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2016-10269"
},
{
"cve": "CVE-2016-10270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10270"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 8\" and libtiff/tif_read.c:523:22.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10270",
"url": "https://www.suse.com/security/cve/CVE-2016-10270"
},
{
"category": "external",
"summary": "SUSE Bug 1031250 for CVE-2016-10270",
"url": "https://bugzilla.suse.com/1031250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2016-10270"
},
{
"cve": "CVE-2016-5314",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5314"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5314",
"url": "https://www.suse.com/security/cve/CVE-2016-5314"
},
{
"category": "external",
"summary": "SUSE Bug 984831 for CVE-2016-5314",
"url": "https://bugzilla.suse.com/984831"
},
{
"category": "external",
"summary": "SUSE Bug 987351 for CVE-2016-5314",
"url": "https://bugzilla.suse.com/987351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2016-5314"
},
{
"cve": "CVE-2016-5315",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5315"
}
],
"notes": [
{
"category": "general",
"text": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5315",
"url": "https://www.suse.com/security/cve/CVE-2016-5315"
},
{
"category": "external",
"summary": "SUSE Bug 984809 for CVE-2016-5315",
"url": "https://bugzilla.suse.com/984809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2016-5315"
},
{
"cve": "CVE-2017-18013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18013"
}
],
"notes": [
{
"category": "general",
"text": "In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18013",
"url": "https://www.suse.com/security/cve/CVE-2017-18013"
},
{
"category": "external",
"summary": "SUSE Bug 1074317 for CVE-2017-18013",
"url": "https://bugzilla.suse.com/1074317"
},
{
"category": "external",
"summary": "SUSE Bug 1082825 for CVE-2017-18013",
"url": "https://bugzilla.suse.com/1082825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "important"
}
],
"title": "CVE-2017-18013"
},
{
"cve": "CVE-2017-7593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7593"
}
],
"notes": [
{
"category": "general",
"text": "tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7593",
"url": "https://www.suse.com/security/cve/CVE-2017-7593"
},
{
"category": "external",
"summary": "SUSE Bug 1033129 for CVE-2017-7593",
"url": "https://bugzilla.suse.com/1033129"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2017-7593"
},
{
"cve": "CVE-2017-7595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7595"
}
],
"notes": [
{
"category": "general",
"text": "The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7595",
"url": "https://www.suse.com/security/cve/CVE-2017-7595"
},
{
"category": "external",
"summary": "SUSE Bug 1033111 for CVE-2017-7595",
"url": "https://bugzilla.suse.com/1033111"
},
{
"category": "external",
"summary": "SUSE Bug 1033127 for CVE-2017-7595",
"url": "https://bugzilla.suse.com/1033127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2017-7595"
},
{
"cve": "CVE-2017-7596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7596"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has an \"outside the range of representable values of type float\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7596",
"url": "https://www.suse.com/security/cve/CVE-2017-7596"
},
{
"category": "external",
"summary": "SUSE Bug 1033112 for CVE-2017-7596",
"url": "https://bugzilla.suse.com/1033112"
},
{
"category": "external",
"summary": "SUSE Bug 1033113 for CVE-2017-7596",
"url": "https://bugzilla.suse.com/1033113"
},
{
"category": "external",
"summary": "SUSE Bug 1033120 for CVE-2017-7596",
"url": "https://bugzilla.suse.com/1033120"
},
{
"category": "external",
"summary": "SUSE Bug 1033126 for CVE-2017-7596",
"url": "https://bugzilla.suse.com/1033126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "important"
}
],
"title": "CVE-2017-7596"
},
{
"cve": "CVE-2017-7597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7597"
}
],
"notes": [
{
"category": "general",
"text": "tif_dirread.c in LibTIFF 4.0.7 has an \"outside the range of representable values of type float\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7597",
"url": "https://www.suse.com/security/cve/CVE-2017-7597"
},
{
"category": "external",
"summary": "SUSE Bug 1033112 for CVE-2017-7597",
"url": "https://bugzilla.suse.com/1033112"
},
{
"category": "external",
"summary": "SUSE Bug 1033113 for CVE-2017-7597",
"url": "https://bugzilla.suse.com/1033113"
},
{
"category": "external",
"summary": "SUSE Bug 1033120 for CVE-2017-7597",
"url": "https://bugzilla.suse.com/1033120"
},
{
"category": "external",
"summary": "SUSE Bug 1033126 for CVE-2017-7597",
"url": "https://bugzilla.suse.com/1033126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2017-7597"
},
{
"cve": "CVE-2017-7599",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7599"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has an \"outside the range of representable values of type short\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7599",
"url": "https://www.suse.com/security/cve/CVE-2017-7599"
},
{
"category": "external",
"summary": "SUSE Bug 1033112 for CVE-2017-7599",
"url": "https://bugzilla.suse.com/1033112"
},
{
"category": "external",
"summary": "SUSE Bug 1033113 for CVE-2017-7599",
"url": "https://bugzilla.suse.com/1033113"
},
{
"category": "external",
"summary": "SUSE Bug 1033120 for CVE-2017-7599",
"url": "https://bugzilla.suse.com/1033120"
},
{
"category": "external",
"summary": "SUSE Bug 1033126 for CVE-2017-7599",
"url": "https://bugzilla.suse.com/1033126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2017-7599"
},
{
"cve": "CVE-2017-7600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7600"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has an \"outside the range of representable values of type unsigned char\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7600",
"url": "https://www.suse.com/security/cve/CVE-2017-7600"
},
{
"category": "external",
"summary": "SUSE Bug 1033112 for CVE-2017-7600",
"url": "https://bugzilla.suse.com/1033112"
},
{
"category": "external",
"summary": "SUSE Bug 1033113 for CVE-2017-7600",
"url": "https://bugzilla.suse.com/1033113"
},
{
"category": "external",
"summary": "SUSE Bug 1033120 for CVE-2017-7600",
"url": "https://bugzilla.suse.com/1033120"
},
{
"category": "external",
"summary": "SUSE Bug 1033126 for CVE-2017-7600",
"url": "https://bugzilla.suse.com/1033126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "low"
}
],
"title": "CVE-2017-7600"
},
{
"cve": "CVE-2017-7601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7601"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has a \"shift exponent too large for 64-bit type long\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7601",
"url": "https://www.suse.com/security/cve/CVE-2017-7601"
},
{
"category": "external",
"summary": "SUSE Bug 1033111 for CVE-2017-7601",
"url": "https://bugzilla.suse.com/1033111"
},
{
"category": "external",
"summary": "SUSE Bug 1033127 for CVE-2017-7601",
"url": "https://bugzilla.suse.com/1033127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "low"
}
],
"title": "CVE-2017-7601"
},
{
"cve": "CVE-2017-7602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7602"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7602",
"url": "https://www.suse.com/security/cve/CVE-2017-7602"
},
{
"category": "external",
"summary": "SUSE Bug 1033109 for CVE-2017-7602",
"url": "https://bugzilla.suse.com/1033109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2017-7602"
}
]
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…