CVE-2018-10963

Source
Severity Medium
Remote Yes
Type Denial of service
Description
The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF before 4.0.10 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file.
Group Package Affected Fixed Severity Status Ticket
AVG-813 libtiff 4.0.9-1 4.0.9-2 High Fixed
AVG-791 lib32-libtiff 4.0.9-1 4.0.10-1 High Fixed FS#60599
Date Advisory Group Package Severity Description
20 Nov 2018 ASA-201811-18 AVG-791 lib32-libtiff High multiple issues
References
http://bugzilla.maptools.org/show_bug.cgi?id=2795
https://gitlab.com/libtiff/libtiff/commit/de144fd228e4be8aa484c3caf3d814b6fa88c6d9
Notes
A different vulnerability than CVE-2017-13726.