LibTIFF CVE-2017-17973 Memory Corruption Vulnerability

LibTIFF is prone to a remote memory-corruption vulnerability.

An attacker could exploit this issue to execute arbitrary code in the context of the application using the affected library. Failed exploit attempts may result in denial-of-service conditions.

LibTIFF 4.0.8 is vulnerable; other versions may also be affected.


Bugtraq ID: 102331
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-17973

Remote: Yes
Local: No
Published: Dec 29 2017 12:00AM
Updated: Dec 29 2017 12:00AM
Credit: xiaosatianyu
Vulnerable: LibTIFF LibTIFF 4.0.8

Not Vulnerable:


The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

Related Posts