Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2018-8905 - log back

CVE-2018-8905 created at 25 Sep 2019 19:31:40

Severity

+

High

Remote

+

Remote

Type

+	Arbitrary code execution

Description

+	In LibTIFF before 4.0.10, a heap-based buffer overflow (out-of-bounds write) occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by the tiff2ps tool.

References

+	http://bugzilla.maptools.org/show_bug.cgi?id=2780
+	https://gitlab.com/libtiff/libtiff/commit/58a898cb4459055bb488ca815c23b880c242a27d

Notes