Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2016-5317 - log back

CVE-2016-5317 created at 25 Sep 2019 19:31:40

Severity

+

Critical

Remote

+

Remote

Type

+	Arbitrary code execution

Description

+	An out-of-bounds write vulnerability was found in the PixarLogDecode() function in libtiff. A maliciously crafted TIFF file could cause the application to crash or possibly execute arbitrary code when generating a thumbnail for it.

References

+	http://www.openwall.com/lists/oss-security/2016/06/15/5
+	http://bugzilla.maptools.org/show_bug.cgi?id=2554

Notes

+	Reproducer http://bugzilla.maptools.org/attachment.cgi?id=653