Fedora 28 update for mingw-libtiff
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2016-10092 CVE-2016-10093 CVE-2016-10094 CVE-2016-10095 CVE-2017-5225 CVE-2017-5563 |
| CWE-ID | CWE-122 CWE-190 CWE-193 CWE-121 CWE-126 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Fedora Operating systems & Components / Operating system mingw-libtiff Operating systems & Components / Operating system package or component |
| Vendor | Fedoraproject |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU13548
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-10092
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c when processing malicious input. A remote attacker can send a specially crafted image, trigger memory corruption and cause the service to crash.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 28
mingw-libtiff: before 4.0.9-1.fc28
CPE2.3- cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:mingw-libtiff:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc86e5bc77
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory corruption
EUVDB-ID: #VU13549
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-10093
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to integer overflow in tools/tiffcp.c when processing malicious input. A remote attacker can send a specially crafted image, trigger heap-based buffer overflow and cause the service to crash.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 28
mingw-libtiff: before 4.0.9-1.fc28
CPE2.3- cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:mingw-libtiff:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc86e5bc77
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Off-by-one error
EUVDB-ID: #VU13550
Risk: Low
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-10094
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c when processing malicious input. A remote attacker can send a specially crafted image and cause the service to crash.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 28
mingw-libtiff: before 4.0.9-1.fc28
CPE2.3- cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:mingw-libtiff:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc86e5bc77
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Stack-based buffer overflow
EUVDB-ID: #VU7402
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2016-10095
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition.
The weakness exits due to stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c. A remote attacker can send specially crafted TIFF file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 28
mingw-libtiff: before 4.0.9-1.fc28
CPE2.3- cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:mingw-libtiff:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc86e5bc77
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Heap-based buffer overflow
EUVDB-ID: #VU5919
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-5225
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error in "tools/tiffcp.cwhen" processing images. A remote attacker can create an image with specially crafted BitsPerSample value, trigger heap-based buffer overflow and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 28
mingw-libtiff: before 4.0.9-1.fc28
CPE2.3- cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:mingw-libtiff:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc86e5bc77
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Heap-based buffer over-read
EUVDB-ID: #VU11497
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-5563
CWE-ID:
CWE-126 - Buffer over-read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in tif_lzw.c due to heap-based buffer over-read. A remote attacker can trigger memory corruption and cause the service to crash.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 28
mingw-libtiff: before 4.0.9-1.fc28
CPE2.3- cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
- cpe:2.3:a:fedoraproject:mingw-libtiff:*:*:*:*:*:fedora:*:*
https://bodhi.fedoraproject.org/updates/FEDORA-2018-cc86e5bc77
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
