CVE-2018-18661

Source
Severity Medium
Remote Yes
Type Denial of service
Description
A null-pointer dereference has been found in LibTIFF before 4.0.10 in the LZWDecode() function in the file tif_lzw.c.
Group Package Affected Fixed Severity Status Ticket
AVG-791 lib32-libtiff 4.0.9-1 4.0.10-1 High Fixed FS#60599
AVG-790 libtiff 4.0.9-2 4.0.10-1 High Fixed FS#60599
Date Advisory Group Package Severity Description
20 Nov 2018 ASA-201811-18 AVG-791 lib32-libtiff High multiple issues
20 Nov 2018 ASA-201811-17 AVG-790 libtiff High multiple issues
References
http://bugzilla.maptools.org/show_bug.cgi?id=2819
https://gitlab.com/libtiff/libtiff/commit/99b10edde9a0fc28cc0e7b7757aa18ac4c8c225f