Your submission was sent successfully! Close

CVE-2015-8781

Published: 1 February 2016

tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
tiff
Launchpad, Ubuntu, Debian
precise
Released (3.9.5-2ubuntu1.9)
trusty
Released (4.0.3-7ubuntu0.4)
upstream
Released (4.0.6-1)
vivid Ignored
(reached end-of-life)
wily
Released (4.0.3-12.3ubuntu2.1)
xenial Not vulnerable
(4.0.6-1)
yakkety Not vulnerable
(4.0.6-1)
zesty Not vulnerable
(4.0.6-1)
Patches:
upstream: https://github.com/vadz/libtiff/commit/aaab5c3c9d2a2c6984f23ccbc79702610439bc65