Severity: 7.8 HIGH
EPSS: 0.4% (top 36.64%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 21; Latest update May 14

Description

Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (3 packages)

NVD: libtiff/libtiff 4.0.6
Debian: tiff < 4.0.7-1+3
NVD: oracle/vm_server 3.3, 3.4+1

Patches

🔴 Vulnerability Details (3)

GHSA: GHSA-7r33-ggq9-wqpm: Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog (2022-05-14)
OSV: CVE-2016-3990: Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog (2016-09-21)
CVEList: CVE-2016-3990: Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog (2016-09-21)

📋 Vendor Advisories (4)

Ubuntu: LibTIFF vulnerabilities (2017-07-19)
Ubuntu: LibTIFF vulnerabilities (2017-02-27)
Red Hat: libtiff: out-of-bounds write in horizontalDifference8() (2016-04-12)
Debian: CVE-2016-3990: tiff - Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog... (2016)

💬 Community (1)

Bugzilla: CVE-2016-3990 libtiff: out-of-bounds write in horizontalDifference8() (2016-04-12)
CVE-2016-3990 (HIGH CVSS 7.8) | Heap-based buffer overflow in the h | cvebase.io