Your submission was sent successfully! Close

CVE-2015-8784

Published: 31 December 2015

The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
tiff
Launchpad, Ubuntu, Debian
precise
Released (3.9.5-2ubuntu1.9)
trusty
Released (4.0.3-7ubuntu0.4)
upstream
Released (4.0.6-1)
vivid Ignored
(reached end-of-life)
wily
Released (4.0.3-12.3ubuntu2.1)
xenial Not vulnerable
(4.0.6-1)
yakkety Not vulnerable
(4.0.6-1)
zesty Not vulnerable
(4.0.6-1)