[3.4] tiff: Multiple vulnerabilities (CVE-2017-9147, CVE-2017-9403, CVE-2017-9404, CVE-2017-9936, CVE-2017-10688)ID: oval:org.secpod.oval:def:1800670 | Date: (C)2018-03-28 (M)2023-12-20 |
Class: PATCH | Family: unix |
CVE-2017-9147: LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service via a crafted TIFF file. CVE-2017-9403: In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows attackers to cause a denial of service via a crafted file. CVE-2017-9404: In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tif_ojpeg.c, which allows attackers to cause a denial of service via a crafted file.
Platform: |
Alpine Linux 3.4 |