CVE-2016-3632

Published on: 09/21/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:03 PM UTC

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Certain versions of LibTIFF (vendor: LibTIFF) contain the following vulnerability:

The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.

  • CVE-2016-3632 has been assigned by [email protected] to track this vulnerability, which is currently rated as HIGH severity.

CVSS3 Score: 7.8 - HIGH

Attack Vector | Attack Complexity | Privileges Required | User Interaction
LOCAL         | LOW               | NONE                | REQUIRED

Scope     | Confidentiality Impact | Integrity Impact | Availability Impact
UNCHANGED | HIGH                   | HIGH             | HIGH

CVSS2 Score: 6.8 - MEDIUM

Access Vector | Access Complexity | Authentication
NETWORK       | MEDIUM            | NONE

Confidentiality Impact | Integrity Impact | Availability Impact
PARTIAL                | PARTIAL          | PARTIAL

CVE References

Description | Tags | Link
libTIFF: Multiple vulnerabilities (GLSA 201701-16) — Gentoo Security | | GENTOO GLSA-201701-16 (security.gentoo.org)
Oracle Linux Bulletin - July 2016 | | CONFIRM www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html (web.archive.org)
LibTIFF '_TIFFVGetField()' Function Arbitrary Command Execution Vulnerability | | BID 85953 (cve.report archive)
Red Hat Customer Portal | | REDHAT RHSA-2016:1546 (web.archive.org)
Oracle VM Server for x86 Bulletin - July 2016 | Patch, Third Party Advisory | CONFIRM www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html (web.archive.org)
Red Hat Customer Portal | | REDHAT RHSA-2016:1547 (web.archive.org)
oss-security - CVE-2016-3632 - libtiff 4.0.6 illegel write | Mailing List, Third Party Advisory | MLIST [oss-security] 20160408 CVE-2016-3632 - libtiff 4.0.6 illegel write (www.openwall.com)
LibTIFF CVE-2016-3945 Arbitrary Command Execution Vulnerability | Third Party Advisory, VDB Entry | BID 85960 (cve.report archive)
Bug 1325095 – CVE-2016-3632 libtiff: out-of-bounds write in _TIFFVGetField function | Issue Tracking | CONFIRM bugzilla.redhat.com/show_bug.cgi?id=1325095
Bug 2549 – CVE-2016-3632: illegal write <= 4.0.6 | Issue Tracking | CONFIRM bugzilla.maptools.org/show_bug.cgi?id=2549

Known Affected Configurations (CPE V2.3)

Type             | Vendor  | Product   | Version | Update | Edition | Language
Application      | Libtiff | Libtiff   | All     | All    | All     | All
Operating System | Oracle  | Vm Server | 3.3     | All    | All     | All
Operating System | Oracle  | Vm Server | 3.4     | All    | All     | All
  • cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:x86:*:
  • cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:x86:*: