Vulnerability Details CVE-2016-3186
Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.7%
CVSS Severity
CVSS v3 Score 6.2
CVSS v2 Score 5.0
References
- http://lists.opensuse.org/opensuse-updates/2016-04/msg00064.html
- http://lists.opensuse.org/opensuse-updates/2016-04/msg00075.html
- http://www.securitytracker.com/id/1035442
- https://access.redhat.com/errata/RHSA-2019:2053
- https://bugzilla.redhat.com/show_bug.cgi?id=1319503
- https://security.gentoo.org/glsa/201701-16
- https://usn.ubuntu.com/3606-1/
- http://lists.opensuse.org/opensuse-updates/2016-04/msg00064.html
- http://lists.opensuse.org/opensuse-updates/2016-04/msg00075.html
- http://www.securitytracker.com/id/1035442
- https://access.redhat.com/errata/RHSA-2019:2053
- https://bugzilla.redhat.com/show_bug.cgi?id=1319503
- https://security.gentoo.org/glsa/201701-16
- https://usn.ubuntu.com/3606-1/