AVG-790

Package libtiff
Status Vulnerable
Severity High
Type arbitrary code execution
Affected 4.0.9-2
Fixed Unknown
Current 4.0.9-2 [extra]
Ticket FS#60599
Created Fri Oct 26 12:35:05 2018
Issue Severity Remote Type Description
CVE-2018-18557 High Yes Arbitrary code execution
libtiff up to and including 4.0.9 decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size. The issue occurs because JBIGDecode() entirely...