CVE-2015-7554 — Stack-based Buffer Overflow in Tiff

CWE-254 CWE-121 — Stack-based Buffer Overflow10 documents7 sources

Severity

9.8CRITICALNVD

EPSS

1.6%

top 18.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Tiff Libtiff

Timeline

PublishedJan 8

Latest updateMay 14

Description

The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶NVDlibtiff/libtiff4.0.6

▶debiandebian/tiff< tiff 4.0.7-7 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-r22q-wfrw-q7mx: The _TIFFVGetField function in tif_dir↗2022-05-14

▶

OSV

CVE-2015-7554: The _TIFFVGetField function in tif_dir↗2016-01-08

▶

📋Vendor Advisories

Ubuntu

LibTIFF vulnerabilities↗2017-07-19

▶

Ubuntu

LibTIFF vulnerabilities↗2017-02-27

▶

Red Hat

libtiff: Stack-based buffer overflow in _TIFFVGetField↗2016-12-04

▶

Red Hat

libtiff: Invalid-write in _TIFFVGetField() when parsing some extension tags↗2015-12-26

▶

Debian

CVE-2015-7554: tiff - The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to ca...↗2015

▶

💬Community

Bugzilla

CVE-2016-10095 libtiff: Stack-based buffer overflow in _TIFFVGetField↗2017-01-04

▶

Bugzilla

CVE-2015-7554 libtiff: Invalid-write in _TIFFVGetField() when parsing some extension tags↗2015-12-28

▶