CVE-2016-5319

Source
Severity High
Remote No
Type Arbitrary code execution
Description
Heap-based buffer overflow vulnerability was found in tif_packbits.c in PackBitsEncode function. Memory corruption can be triggered when bmp2tiff is handling maliciously crafted bmp file causing application to crash or possibly execute arbitrary code.
Group Package Affected Fixed Severity Status Ticket
AVG-86 lib32-libtiff 4.0.6-2 4.0.7-1 Critical Fixed
AVG-85 libtiff 4.0.6-2 4.0.7-1 Critical Fixed
Date Advisory Group Package Severity Description
25 Nov 2016 ASA-201611-27 AVG-86 lib32-libtiff Critical multiple issues
25 Nov 2016 ASA-201611-26 AVG-85 libtiff Critical multiple issues
References
http://bugzilla.maptools.org/show_bug.cgi?id=2562
http://seclists.org/oss-sec/2016/q2/486
Notes
reproducer:  http://bugzilla.maptools.org/attachment.cgi?id=652
bmp2tiff has been removed in libtiff 4.0.7