CVE-2016-10095

Source
Severity High
Remote No
Type Arbitrary code execution
Description
A stack-based buffer overflow vulnerability was found in libtiff, in the _TIFFVGetField function in tif_dir.c, when running tiffslpit on crafted tiff file.
Group Package Affected Fixed Severity Status Ticket
AVG-87 lib32-libtiff 4.0.7-1 4.0.8-1 Critical Fixed FS#54842
AVG-5 libtiff 4.0.8-1 4.0.8-2 Critical Fixed FS#54842
Date Advisory Group Package Severity Description
18 Jul 2017 ASA-201707-18 AVG-87 lib32-libtiff Critical arbitrary code execution
18 Jul 2017 ASA-201707-17 AVG-5 libtiff Critical arbitrary code execution
References
http://seclists.org/oss-sec/2017/q1/10
https://blogs.gentoo.org/ago/2017/01/01/libtiff-stack-based-buffer-overflow-in-_tiffvgetfield-tif_dir-c/
Notes
Reproducer:
https://github.com/asarubbo/poc/blob/master/00104-libtiff-stackoverflow-_TIFFVGetField