---

CVE-2016-3620 - log back

CVE-2016-3620 created at 25 Sep 2019 19:31:40
Severity	+ Low
Remote	+ Local
Type	+ Denial of service
Description	+ An out-of-bounds read vulnerability has been discovered in ZIPEncode function in tif_zip.c. Running bmp2tiff on a specially crafted BMP file results in an application crash.
References	+ http://seclists.org/oss-sec/2016/q2/21 + http://bugzilla.maptools.org/show_bug.cgi?id=2570
Notes	+ bmp2tiff tool removed upstream in 4.0.7