Package lib32-libtiff
Status Vulnerable
Severity High
Type arbitrary code execution
Affected 4.0.9-1
Fixed Unknown
Current 4.0.9-1 [multilib]
Ticket FS#60599
Created Fri Oct 26 12:35:22 2018
Issue Severity Remote Type Description
CVE-2018-18557 High Yes Arbitrary code execution
libtiff up to and including 4.0.9 decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size. The issue occurs because JBIGDecode() entirely...