CVE-2017-17973 - OpenCVE

In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Libtiff	Libtiff

Configuration 1 [-]

cpe:2.3:a:libtiff:libtiff:4.0.8:*:*:*:*:*:*:*

References

Link	Resource
http://bugzilla.maptools.org/show_bug.cgi?id=2769	Exploit Issue Tracking Third Party Advisory
http://www.securityfocus.com/bid/102331	VDB Entry Third Party Advisory
https://bugzilla.novell.com/show_bug.cgi?id=1074318
https://bugzilla.redhat.com/show_bug.cgi?id=1530912

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-12-29T21:00:00

Updated: 2024-06-04T17:11:54.292Z

Reserved: 2017-12-29T00:00:00

Link: CVE-2017-17973

JSON object: View

NVD Information

Status : Modified

Published: 2017-12-29T21:29:00.190

Modified: 2024-06-04T19:16:54.477

Link: CVE-2017-17973

JSON object: View

Redhat Information

No data.

CWE

CWE-416

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-12-29T00:00:00", "descriptions": [{"lang": "en", "value": "In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-02-11T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2769"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.novell.com/show_bug.cgi?id=1074318"}, {"name": "102331", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/102331"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530912"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-17973", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://bugzilla.maptools.org/show_bug.cgi?id=2769", "refsource": "MISC", "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2769"}, {"name": "https://bugzilla.novell.com/show_bug.cgi?id=1074318", "refsource": "MISC", "url": "https://bugzilla.novell.com/show_bug.cgi?id=1074318"}, {"name": "102331", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102331"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1530912", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530912"}]}}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2017-17973", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-22T20:05:47.692364Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:11:54.292Z"}}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-17973", "datePublished": "2017-12-29T21:00:00", "dateReserved": "2017-12-29T00:00:00", "dateUpdated": "2024-06-04T17:11:54.292Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:4.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B3BFA08-D819-4896-8E7B-FEDF1711C407", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue"}, {"lang": "es", "value": "** EN DISPUTA ** En LibTIFF 4.0.8, hay un uso de memoria din\u00e1mica (heap) previamente liberada en la funci\u00f3n t2p_writeproc en tiff2pdf.c. NOTA: hay un informe de terceros que establece que es imposible reproducir este problema."}], "id": "CVE-2017-17973", "lastModified": "2024-06-04T19:16:54.477", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-12-29T21:29:00.190", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2769"}, {"source": "cve@mitre.org", "tags": ["VDB Entry", "Third Party Advisory"], "url": "http://www.securityfocus.com/bid/102331"}, {"source": "cve@mitre.org", "url": "https://bugzilla.novell.com/show_bug.cgi?id=1074318"}, {"source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530912"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}