LibTIFF CVE-2016-9536 Heap Buffer Overflow Vulnerability

The LibTIFF is prone to a heap-based buffer overflow vulnerability because it fails to properly bounds check user-supplied data before copying it into an insufficiently sized buffer.

Attackers can exploit this issue to execute arbitrary code within the context of affected application or cause denial-of-service condition.

LibTIFF 4.0.6 is vulnerable; other versions may also be affected.

NOTE: This issue was previously described in BID 94484 (LibTIFF Multiple Security Vulnerabilites) but has been given its own record to better document it.


 

Privacy Statement
Copyright 2010, SecurityFocus