CVE-2016-10268 - OpenCVE

tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Libtiff	Libtiff

Configuration 1 [-]

cpe:2.3:a:libtiff:libtiff:4.0.7:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/bid/97202
https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/	Patch Third Party Advisory VDB Entry
https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df	Issue Tracking Patch Third Party Advisory
https://security.gentoo.org/glsa/201709-27
https://usn.ubuntu.com/3602-1/

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-03-24T19:00:00

Updated: 2018-03-21T09:57:01

Reserved: 2017-03-24T00:00:00

Link: CVE-2016-10268

JSON object: View

NVD Information

Status : Modified

Published: 2017-03-24T19:59:00.220

Modified: 2018-03-22T01:29:00.423

Link: CVE-2016-10268

JSON object: View

Redhat Information

No data.

CWE

CWE-191

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-03-24T00:00:00", "descriptions": [{"lang": "en", "value": "tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 78490\" and libtiff/tif_unix.c:115:23."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-03-21T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/"}, {"name": "GLSA-201709-27", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201709-27"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df"}, {"name": "USN-3602-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3602-1/"}, {"name": "97202", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/97202"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10268", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 78490\" and libtiff/tif_unix.c:115:23."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/", "refsource": "MISC", "url": "https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/"}, {"name": "GLSA-201709-27", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201709-27"}, {"name": "https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df", "refsource": "MISC", "url": "https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df"}, {"name": "USN-3602-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3602-1/"}, {"name": "97202", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97202"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10268", "datePublished": "2017-03-24T19:00:00", "dateReserved": "2017-03-24T00:00:00", "dateUpdated": "2018-03-21T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "FE968DD2-24BE-4417-A6DF-D79E40E07766", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 78490\" and libtiff/tif_unix.c:115:23."}, {"lang": "es", "value": "tools/tiffcp.c en LibTIFF 4.0.7 permite a los atacantes remotos causar una denegaci\u00f3n de servicio (desbordamiento inferior de enteros y lectura inferior de b\u00fafer basado en memoria din\u00e1mica) o posiblemente tener otro impacto no especificado a trav\u00e9s de una imagen TIFF manipulada, relacionado con \"READ de tama\u00f1o 78490\" y libtiff/tif_unix.c:115:23."}], "id": "CVE-2016-10268", "lastModified": "2018-03-22T01:29:00.423", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-03-24T19:59:00.220", "references": [{"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/97202"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory", "VDB Entry"], "url": "https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201709-27"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/3602-1/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-191"}], "source": "nvd@nist.gov", "type": "Primary"}]}