CVE-2017-7595

Source
Severity Medium
Remote Yes
Type Denial of service
Description
A security issue has been found in libtiff before 4.0.8, where a crafted tiff image can cause a division by zero in JPEGSetupEncode(), leading to denial of service.
Group Package Affected Fixed Severity Status Ticket
AVG-817 lib32-libtiff 4.0.7-2 4.0.7-3 Medium Fixed
AVG-237 libtiff 4.0.7-2 4.0.7-3 Medium Fixed
Date Advisory Group Package Severity Description
28 Apr 2017 ASA-201704-10 AVG-237 libtiff Medium multiple issues
References
https://blogs.gentoo.org/ago/2017/04/01/libtiff-divide-by-zero-in-jpegsetupencode-tiff_jpeg-c/
https://github.com/vadz/libtiff/commit/47f2fb61a3a64667bce1a8398a8fcb1b348ff122
http://seclists.org/oss-sec/2017/q2/38