CVE-2016-3632

Severity
7.8 HIGH
EPSS
0.5%
top 33.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Sep 21
Latest update May 14

Description

The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (3 packages)

NVD: libtiff/libtiff 4.0.6
Debian: tiff < 4.0.6-3+3
NVD: oracle/vm_server 3.3, 3.4+1

Patches

🔴 Vulnerability Details (3)

GHSA
GHSA-7vr3-p53x-43w6: The _TIFFVGetField function in tif_dirinfo (2022-05-14)
CVEList
CVE-2016-3632: The _TIFFVGetField function in tif_dirinfo (2016-09-21)
OSV
CVE-2016-3632: The _TIFFVGetField function in tif_dirinfo (2016-09-21)

📋 Vendor Advisories (4)

Ubuntu
LibTIFF vulnerabilities (2017-07-19)
Ubuntu
LibTIFF vulnerabilities (2017-02-27)
Red Hat
libtiff: out-of-bounds write in _TIFFVGetField function (2016-04-08)
Debian
CVE-2016-3632: tiff - The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows... (2016)

💬 Community (1)

Bugzilla
CVE-2016-3632 libtiff: out-of-bounds write in _TIFFVGetField function (2016-04-08)