Vulnerability Details CVE-2017-17973
In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- http://bugzilla.maptools.org/show_bug.cgi?id=2769
- http://www.securityfocus.com/bid/102331
- https://bugzilla.novell.com/show_bug.cgi?id=1074318
- https://bugzilla.redhat.com/show_bug.cgi?id=1530912
- http://bugzilla.maptools.org/show_bug.cgi?id=2769
- http://www.securityfocus.com/bid/102331
- https://bugzilla.novell.com/show_bug.cgi?id=1074318
- https://bugzilla.redhat.com/show_bug.cgi?id=1530912