Your submission was sent successfully! Close

CVE-2016-3634

Published: 03 October 2016

The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to field_tag matching.

Priority

Negligible

CVSS 3 base score: 7.5

Status

Package Release Status
tiff
Launchpad, Ubuntu, Debian
Upstream
Released (4.0.6-3)
Ubuntu 16.04 ESM (Xenial Xerus) Ignored

Ubuntu 14.04 ESM (Trusty Tahr) Ignored

Notes

AuthorNote
mdeslaur
upstream removed the thumbnail utility in 4.0.7
DoS in thumbnail tool
we will not be fixing this minor issue, marking as ignored

References

Bugs