LibTIFF CVE-2016-9538 Integer Overflow Vulnerability
The LibTIFF is prone to an integer-overflow vulnerability because it fails to properly bounds check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed.
LibTIFF 4.0.6 is vulnerable; other versions may also be affected.
NOTE: This issue was previously described in BID 94484 (LibTIFF Multiple Security Vulnerabilites) but has been given its own record to better document it.