CVE-2017-18013

Source
Severity Medium
Remote Yes
Type Denial of service
Description
A null-pointer dereference issue has been found in libtiff before 4.0.10, in the TIFFPrintDirectory() function in tiffinfo.c, while parsing the "1 Strips: " section of a crafted image, as demonstrated by a tiffinfo tool crash.
Group Package Affected Fixed Severity Status Ticket
AVG-813 libtiff 4.0.9-1 4.0.9-2 High Fixed
AVG-791 lib32-libtiff 4.0.9-1 4.0.10-1 High Fixed FS#60599
Date Advisory Group Package Severity Description
20 Nov 2018 ASA-201811-18 AVG-791 lib32-libtiff High multiple issues
References
http://bugzilla.maptools.org/show_bug.cgi?id=2770
https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01