CVE-2015-7313 — Uncontrolled Resource Consumption in Libtiff

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 67.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMar 17

Latest updateMay 17

Description

LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

▶debiandebian/tiff< tiff 4.0.7-1 (bookworm)

GHSA

GHSA-2j29-7372-8rgg: LibTIFF allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file↗2022-05-17

▶

OSV

CVE-2015-7313: LibTIFF before 4↗2017-03-17

▶

Red Hat

libtiff: OOM when parsing crafted tiff files↗2015-09-21

▶

Debian

CVE-2015-7313: tiff - LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (memor...↗2015

▶

Bugzilla

CVE-2015-7313 mingw-libtiff: libtiff: OOM when parsing crafted tiff files [fedora-all]↗2015-09-24

▶

Bugzilla

CVE-2015-7313 libtiff: OOM when parsing crafted tiff files↗2015-09-24

▶

Bugzilla

CVE-2015-7313 libtiff: OOM when parsing crafted tiff files [fedora-all]↗2015-09-24

▶