CVE-2017-5225 - OpenCVE

LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Libtiff	Libtiff

Configuration 1 [-]

cpe:2.3:a:libtiff:libtiff:4.0.7:*:*:*:*:*:*:*

References

Link	Resource
http://bugzilla.maptools.org/show_bug.cgi?id=2656	Exploit Issue Tracking
http://bugzilla.maptools.org/show_bug.cgi?id=2657	Exploit Issue Tracking
http://www.debian.org/security/2017/dsa-3844
http://www.securityfocus.com/bid/95413	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1037911
https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7	Patch
https://security.gentoo.org/glsa/201709-27

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-01-12T11:00:00

Updated: 2017-11-03T18:57:01

Reserved: 2017-01-09T00:00:00

Link: CVE-2017-5225

JSON object: View

NVD Information

Status : Modified

Published: 2017-01-12T11:59:00.133

Modified: 2017-11-04T01:29:43.163

Link: CVE-2017-5225

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-01-12T00:00:00", "descriptions": [{"lang": "en", "value": "LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-03T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "DSA-3844", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3844"}, {"name": "GLSA-201709-27", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201709-27"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2656"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2657"}, {"name": "1037911", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037911"}, {"name": "95413", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/95413"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-5225", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-3844", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3844"}, {"name": "GLSA-201709-27", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201709-27"}, {"name": "http://bugzilla.maptools.org/show_bug.cgi?id=2656", "refsource": "CONFIRM", "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2656"}, {"name": "http://bugzilla.maptools.org/show_bug.cgi?id=2657", "refsource": "CONFIRM", "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2657"}, {"name": "1037911", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037911"}, {"name": "95413", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95413"}, {"name": "https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7", "refsource": "CONFIRM", "url": "https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-5225", "datePublished": "2017-01-12T11:00:00", "dateReserved": "2017-01-09T00:00:00", "dateUpdated": "2017-11-03T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "FE968DD2-24BE-4417-A6DF-D79E40E07766", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value."}, {"lang": "es", "value": "LibTIFF en la versi\u00f3n 4.0.7 es vulnerable a un desbordamiento de b\u00fafer de memoria din\u00e1mica en tools/tiffcp resultando en un DoS o ejecuci\u00f3n de c\u00f3digo a trav\u00e9s de un valor BitsPerSample manipulado."}], "id": "CVE-2017-5225", "lastModified": "2017-11-04T01:29:43.163", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-12T11:59:00.133", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2656"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Issue Tracking"], "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2657"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2017/dsa-3844"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/95413"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1037911"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201709-27"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}