CVE-2014-8127

Source
Severity Medium
Remote Yes
Type Information disclosure
Description
LibTIFF provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. It is composed of a library for working with TIFF files along with a small collection of tools for doing simple manipulations of TIFF images.
Multiple out-of-bounds reads can be triggered with malformed TIFF images in the following LibTIFF tools: thumbnail, tiff2bw, tiff2rgba, tiff2ps, tiffdither, tiffmedian, tiffset
Group Package Affected Fixed Severity Status Ticket
AVG-86 lib32-libtiff 4.0.6-2 4.0.7-1 Critical Fixed
AVG-85 libtiff 4.0.6-2 4.0.7-1 Critical Fixed
Date Advisory Group Package Severity Description
25 Nov 2016 ASA-201611-27 AVG-86 lib32-libtiff Critical multiple issues
25 Nov 2016 ASA-201611-26 AVG-85 libtiff Critical multiple issues
References
http://www.conostix.com/pub/adv/CVE-2014-8127-LibTIFF-Out-of-bounds_Reads.txt