CVE-2016-5314

Summary

CVE	CVE-2016-5314
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2018-03-12 02:29:00 UTC
Updated	2018-04-05 16:56:00 UTC
Description	Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.

Risk And Classification

Problem Types: CWE-787

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Debian	Debian Linux	8.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Operating System	Debian	Debian Linux	8.0	All	All	All
Operating System	Debian	Debian Linux	9.0	All	All	All
Application	Libtiff	Libtiff	All	All	All	All
Operating System	Opensuse	Leap	42.1	All	All	All
Operating System	Opensuse	Leap	42.1	All	All	All
Operating System	Opensuse	Opensuse	13.1	All	All	All
Operating System	Opensuse	Opensuse	13.2	All	All	All
Operating System	Opensuse	Opensuse	13.1	All	All	All
Operating System	Opensuse	Opensuse	13.2	All	All	All
Operating System	Redhat	Enterprise Linux	6.0	All	All	All
Operating System	Redhat	Enterprise Linux	7.0	All	All	All
Operating System	Redhat	Enterprise Linux	6.0	All	All	All
Operating System	Redhat	Enterprise Linux	7.0	All	All	All

References

Reference	Source	Link	Tags
libTIFF CVE-2016-5320 Remote Code Execution Vulnerability	BID	www.securityfocus.com	Third Party Advisory, VDB Entry
oss-security - CVE-2016-5320: libtiff 4.0.6 rgb2ycbcr: command excution	MLIST	www.openwall.com	Mailing List
openSUSE-SU-2016:2375-1: moderate: tiff	SUSE	lists.opensuse.org	Third Party Advisory
libTIFF: Multiple vulnerabilities (GLSA 201701-16) — Gentoo Security	GENTOO	security.gentoo.org	Third Party Advisory
* libtiff/tif_pixarlog.c: fix potential buffer write overrun in · vadz/libtiff@391e77f · GitHub	CONFIRM	github.com	Patch
LibTIFF 'PixarLogDecode()' Function Out of Bounds Read Denial of Service Vulnerability	BID	www.securityfocus.com	Third Party Advisory, VDB Entry
Bug 2554 – CVE-2016-5314: libtiff 4.0.6 PixarLogDecode() out-of-bound writes	CONFIRM	bugzilla.maptools.org	Exploit, Issue Tracking
oss-security - CVE-2016-5314：libtiff 4.0.6 PixarLogDecode() out-of-bound writes	MLIST	www.openwall.com	Mailing List
Debian -- Security Information -- DSA-3762-1 tiff	DEBIAN	www.debian.org	Third Party Advisory
Oracle VM Server for x86 Bulletin - July 2016	CONFIRM	www.oracle.com	Third Party Advisory
[security-announce] openSUSE-SU-2016:3035-1: important: Security update	SUSE	lists.opensuse.org	Third Party Advisory
openSUSE-SU-2016:2321-1: moderate: Security update for tiff	SUSE	lists.opensuse.org	Third Party Advisory
oss-security - Re: Re: CVE request: Heap-based buffer overflow in LibTIFF when using the PixarLog compression format	MLIST	www.openwall.com	Mailing List
1346687 – (CVE-2016-5320) CVE-2016-5320 libtiff: Out-of-bounds write in PixarLogDecode() function in tif_pixarlog.c	CONFIRM	bugzilla.redhat.com	Issue Tracking, Third Party Advisory
openSUSE-SU-2016:1889-1: moderate: Security update for tiff	SUSE	lists.opensuse.org	Third Party Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

710479 Gentoo Linux libTIFF Multiple Vulnerabilities (GLSA 201701-16)