oss-sec mailing list archives
Re: Re: CVE request: Heap-based buffer overflow in LibTIFF when using the PixarLog compression format
From: "ncl () cock li" <ncl () cock li>
Date: Thu, 30 Jun 2016 06:40:38 +0000
cve-assign () mitre org:
heap-based buffer overflow in LibTIFF in the file libtiff/tif_pixarlog.c. The vulnerability allows an attacker to control the size of the allocated heap-buffer while independently controlling the data to be written to the buffer with no restrictions on the size of the written data.revision 1.44 date: 2016-06-28 17:12:19 +0200; author: erouault; commitid: 2SqWSFG5a8Ewffcz;* libtiff/tif_pixarlog.c: fix potential buffer write overrun in PixarLogDecode() on corrupted/unexpected images (reported by Mathias Svensson)Use CVE-2016-5875.
I think this is a duplicate with CVE-2016-5320 and CVE-2016-5314. CVE-2016-5875 (buffer overrun in PixarLogDecode()) is CVE-2016-5314 (PixarLogDecode() out-of-bound writes) which causes CVE-2016-5320 (rgb2ycbcr command execution).
Current thread:
- CVE request: Heap-based buffer overflow in LibTIFF when using the PixarLog compression format Mathias Svensson (Jun 29)
- Re: CVE request: Heap-based buffer overflow in LibTIFF when using the PixarLog compression format cve-assign (Jun 29)
- Re: Re: CVE request: Heap-based buffer overflow in LibTIFF when using the PixarLog compression format ncl () cock li (Jun 29)
- Re: CVE request: Heap-based buffer overflow in LibTIFF when using the PixarLog compression format cve-assign (Jun 29)