CVE-2017-16232

CVE-2017-16232

Name

CVE-2017-16232

Description

LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Third Party Advisory	http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00036.html
Third Party Advisory	http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00041.html
Third Party Advisory	http://packetstormsecurity.com/files/150896/LibTIFF-4.0.8-Memory-Leak.html
Mailing List	http://seclists.org/fulldisclosure/2018/Dec/32
Mailing List	http://seclists.org/fulldisclosure/2018/Dec/47
Mailing List	http://www.openwall.com/lists/oss-security/2017/11/01/11
Mailing List	http://www.openwall.com/lists/oss-security/2017/11/01/3
Mailing List	http://www.openwall.com/lists/oss-security/2017/11/01/7
Mailing List	http://www.openwall.com/lists/oss-security/2017/11/01/8
Third Party Advisory	http://www.securityfocus.com/bid/101696

Type

URI

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00036.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00041.html

Third Party Advisory

http://packetstormsecurity.com/files/150896/LibTIFF-4.0.8-Memory-Leak.html

Mailing List

http://seclists.org/fulldisclosure/2018/Dec/32

Mailing List

http://seclists.org/fulldisclosure/2018/Dec/47