Your submission was sent successfully! Close

CVE-2018-5360

Published: 14 January 2018

LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.

Priority

Low

CVSS 3 base score: 8.8

Status

Package Release Status
tiff
Launchpad, Ubuntu, Debian
Upstream
Released (4.0.7)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(4.0.7-1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (4.0.6-1ubuntu0.1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (4.0.3-7ubuntu0.6)
Patches:
Upstream: https://gitlab.com/libtiff/libtiff/commit/739dcd28a061738b317c1e9f91029d9cbc157159