CVE-2014-9330

2015-01-20 16:59:04 2018-01-05 03:29:55

Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) via crafted BMP image, related to dimensions, which triggers an out-of-bounds read.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

LibTIFF 4.0.3

Libtiff - Libtiff

Advisory	Patch	Confirmed	Link
			http://www.oracle.com/technetwork/topics/security/linuxb...
			http://www.oracle.com/technetwork/topics/security/ovmbul...
			DSA-3273
			RHSA-2016:1547
			20141222 CVE-2014-9330: Libtiff integer overflow in bmp2...
			RHSA-2016:1546
			http://bugzilla.maptools.org/show_bug.cgi?id=2494
			71789
			1031442
			GLSA-201701-16

CVE-2014-9330

2015-01-20 16:59:04 2018-01-05 03:29:55

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)