CVE-2016-5317 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Libtiff
Severity
6.5MEDIUMNVD
EPSS
0.6%
top 30.19%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 20
Latest updateMay 14
Description
Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6
Affected Packages3 packages
🔴Vulnerability Details
3📋Vendor Advisories
3💬Community
5Bugzilla
▶
Bugzilla▶
CVE-2016-5314 CVE-2016-5315 CVE-2016-5316 CVE-2016-5317 CVE-2016-5320 CVE-2016-5321 CVE-2016-5322 CVE-2016-5323 libtiff: various flaws [fedora-all]↗2016-06-15
Bugzilla▶
CVE-2016-5314 CVE-2016-5315 CVE-2016-5316 CVE-2016-5317 CVE-2016-5320 CVE-2016-5321 CVE-2016-5322 CVE-2016-5323 mingw-libtiff: various flaws [fedora-all]↗2016-06-15
Bugzilla▶
CVE-2016-5314 CVE-2016-5315 CVE-2016-5316 CVE-2016-5317 CVE-2016-5320 CVE-2016-5321 CVE-2016-5322 CVE-2016-5323 mingw-libtiff: various flaws [epel-7]↗2016-06-15