AVG-87 log

Package lib32-libtiff
Status Fixed
Severity Critical
Type arbitrary code execution
Affected 4.0.7-1
Fixed 4.0.8-1
Current 4.6.0-2 [multilib]
Ticket FS#54842
Created Fri Nov 25 22:14:17 2016
Issue Severity Remote Type Description
CVE-2016-10095 High No Arbitrary code execution
A stack-based buffer overflow vulnerability was found in libtiff, in the _TIFFVGetField function in tif_dir.c, when running tiffslpit on crafted tiff file.
CVE-2015-7554 Critical Yes Arbitrary code execution
An Invalid memory write flaw was found in libtiff in the way it parsed certain extension tags when reading TIFF format files. An attacker could use this...
Date Advisory Package Type
18 Jul 2017 ASA-201707-18 lib32-libtiff arbitrary code execution