Vulnerability Details CVE-2016-10266
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 66.9%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- http://www.debian.org/security/2017/dsa-3844
- http://www.securityfocus.com/bid/97115
- https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-divide-by-zero
- https://github.com/vadz/libtiff/commit/438274f938e046d33cb0e1230b41da32ffe223e1
- https://usn.ubuntu.com/3602-1/
- http://www.debian.org/security/2017/dsa-3844
- http://www.securityfocus.com/bid/97115
- https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-divide-by-zero
- https://github.com/vadz/libtiff/commit/438274f938e046d33cb0e1230b41da32ffe223e1
- https://usn.ubuntu.com/3602-1/