CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-9536

tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://rhn.redhat.com/errata/RHSA-2017-0225.html
http://www.debian.org/security/2017/dsa-3762
http://www.securityfocus.com/bid/94484
http://www.securityfocus.com/bid/94745
https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-5173a9b3b48146e4fd86d7b9b346115e
http://rhn.redhat.com/errata/RHSA-2017-0225.html
http://www.debian.org/security/2017/dsa-3762
http://www.securityfocus.com/bid/94484
http://www.securityfocus.com/bid/94745
https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-5173a9b3b48146e4fd86d7b9b346115e

Products affected by CVE-2016-9536

Libtiff » Libtiff » Version: 4.0.6

cpe:2.3:a:libtiff:libtiff:4.0.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-9536

Products

Pricing

Contact Us