CVE-2015-7554 log
| Source |
|
| Severity | Critical |
| Remote | Yes |
| Type | Arbitrary code execution |
| Description | An Invalid memory write flaw was found in libtiff in the way it parsed certain extension tags when reading TIFF format files. An attacker could use this flaw to crash or even execute arbitrary code with the permission of the user running such an application compiled against libtiff. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-87 | lib32-libtiff | 4.0.7-1 | 4.0.8-1 | Critical | Fixed | FS#54842 |
| AVG-5 | libtiff | 4.0.8-1 | 4.0.8-2 | Critical | Fixed | FS#54842 |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 18 Jul 2017 | ASA-201707-18 | AVG-87 | lib32-libtiff | Critical | arbitrary code execution |
| 18 Jul 2017 | ASA-201707-17 | AVG-5 | libtiff | Critical | arbitrary code execution |
| References |
|---|
http://seclists.org/oss-sec/2015/q4/590 http://bugzilla.maptools.org/show_bug.cgi?id=2564 |