LibTIFF putcontig8bitCIELab Function Denial of Service Vulnerability (CVE-2015-8683)
LibTIFF putcontig8bitCIELab Function Denial of Service Vulnerability (CVE-2015-8683)
Release date:
Updated on:
Affected Systems:
LibTIFF 4.0.6
LibTIFF
Description:
CVE (CAN) ID: CVE-2015-8683
LibTIFF is a library used to read and write label image files (abbreviated as TIFF.
LibTIFF 4.0.6 has a security vulnerability in the putcontig8bitCIELab implementation of the put_getimage.c function. Attackers can exploit this vulnerability to create DoS attacks by constructing TIFF images.
<* Source: Petr Gajdos
*>
Suggestion:
Vendor patch:
LibTIFF
-------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.debian.org/security/2016/dsa-3467
Http://www.openwall.com/lists/oss-security/2015/12/25/1
This article permanently updates the link address: