Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-9535

tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."

Published

2016-11-22T19:59:03.387

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	libtiff	libtiff	4.0.6	Yes

References

http://rhn.redhat.com/errata/RHSA-2017-0225.html ([email protected])
http://www.debian.org/security/2017/dsa-3844 ([email protected])
http://www.securityfocus.com/bid/94484 Third Party Advisory, VDB Entry ([email protected])
http://www.securityfocus.com/bid/94744 ([email protected])
https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1 Issue Tracking, Patch, Third Party Advisory ([email protected])
https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33 Issue Tracking, Patch, Third Party Advisory ([email protected])
http://rhn.redhat.com/errata/RHSA-2017-0225.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2017/dsa-3844 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/94484 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/94744 (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1 Issue Tracking, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33 Issue Tracking, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)