Main Vulnerability Database Vulnerabilities #VU40038

Integer overflow in LibTIFF - CVE-2016-9538

Published: November 22, 2016 / Updated: August 9, 2020

Vulnerability identifier: #VU40038

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2016-9538

CWE-ID: CWE-190

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: LibTIFF

Affected software:
LibTIFF

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. Reported as MSVR 35100.

How to mitigate CVE-2016-9538

Install update from vendor's website.

Sources

http://www.debian.org/security/2017/dsa-3762
http://www.securityfocus.com/bid/94484
http://www.securityfocus.com/bid/94753
https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f

Integer overflow in LibTIFF - CVE-2016-9538

Detailed vulnerability description

How to mitigate CVE-2016-9538

Sources

Please verify you're human