LibTIFF 'tif_dir.c' Denial of Service Vulnerability

LibTIFF is prone to a denial-of-service vulnerability.

Attackers can exploit this issue to cause denial-of-service conditions.

LibTIFF 4.0.7 is vulnerable; other versions may also be affected.


Bugtraq ID: 98594
Class: Design Error
CVE: CVE-2017-9147

Remote: Yes
Local: No
Published: May 22 2017 12:00AM
Updated: Jul 06 2017 09:05AM
Credit: The vendor reported this issue.
Vulnerable: LibTIFF LibTIFF 4.0.7
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64

Not Vulnerable:


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Related Posts