#VU32102 Out-of-bounds read in LibTIFF - CVE-2016-9273

Cybersecurity Help s.r.o.

Published: 2017-01-18 | Updated: 2020-07-28

Vulnerability identifier: #VU32102

Vulnerability risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-9273

CWE-ID: CWE-125

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
LibTIFF
Universal components / Libraries / Libraries used by multiple products

Vendor: LibTIFF

Description

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode.

Mitigation
Install update from vendor's website.

Vulnerable software versions

LibTIFF: 1:6.0p1-4+deb7u4

External links
https://bugzilla.maptools.org/show_bug.cgi?id=2587
https://www.debian.org/security/2017/dsa-3762
https://www.openwall.com/lists/oss-security/2016/11/09/20
https://www.openwall.com/lists/oss-security/2016/11/11/6
https://www.securityfocus.com/bid/94271
https://security.gentoo.org/glsa/201701-16

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM Dynamic System Analysis (DSA) Preboot

Out-of-bounds read in LibTIFF

Out-of-bounds read in tiff (Alpine package)