CVE-2016-5652 - log back

CVE-2016-5652 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Arbitrary code execution
Description
+ An exploitable heap based buffer overflow exists in the handling of TIFF images in LibTIFF’s TIFF2PDF tool. A crafted TIFF document can lead to a heap based buffer overflow via JPEG Compression Tables resulting in remote code execution. This vulnerability can be triggered via a saved TIFF file delivered by other means.
References
+ http://www.talosintelligence.com/reports/TALOS-2016-0187/
+ https://github.com/vadz/libtiff/commit/b5d6803f0898e931cf772d3d0755704ab8488e63
Notes