Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2016-5102

Published: 6 February 2017

Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file.

Notes

Author	Note
mdeslaur	upstream removed the gif2tiff utility in 4.0.7 we will not be fixing this issue in precise/esm

Priority

CVSS 3 base score: 5.5

Status

Package	Release	Status
tiff Launchpad, Ubuntu, Debian	artful	Not vulnerable (4.0.7-1)
	precise	Ignored
	trusty	Released (4.0.3-7ubuntu0.9)
	upstream	Released (4.0.6-3)
	wily	Ignored (reached end-of-life)
	xenial	Released (4.0.6-1ubuntu0.4)
	yakkety	Ignored (reached end-of-life)
	zesty	Not vulnerable (4.0.7-1)

References

Bugs

http://bugzilla.maptools.org/show_bug.cgi?id=2552

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading