CVE-2018-8905 log

Severity High
Remote Yes
Type Arbitrary code execution
In LibTIFF before 4.0.10, a heap-based buffer overflow (out-of-bounds write) occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by the tiff2ps tool.
Group Package Affected Fixed Severity Status Ticket
AVG-813 libtiff 4.0.9-1 4.0.9-2 High Fixed
AVG-791 lib32-libtiff 4.0.9-1 4.0.10-1 High Fixed FS#60599
Date Advisory Group Package Severity Type
20 Nov 2018 ASA-201811-18 AVG-791 lib32-libtiff High multiple issues