LibTIFF CVE-2017-16232 Multiple Local Memory Corruption Vulnerabilities



LibTIFF is prone to multiple local memory-corruption vulnerabilities.

Attackers can exploit these issues to obtain sensitive information or to crash the affected application, resulting in a denial-of-service condition.

LibTIFF 4.0.8 is affected; other versions may also be affected.

Information

Bugtraq ID: 101696
Class: Boundary Condition Error
CVE: CVE-2017-16232

Remote: No
Local: Yes
Published: Oct 30 2017 12:00AM
Updated: Nov 07 2017 06:06PM
Credit: ZHANG JIAWANG from cncert.
Vulnerable: LibTIFF LibTIFF 4.0.8


Not Vulnerable:

Exploit


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.


References:

Related Posts