CVE-2017-5225 : LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffc

LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.

Published 2017-01-12 11:59:00

Updated 2017-11-04 01:29:43

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowDenial of service

Products affected by CVE-2017-5225

Libtiff » Libtiff » Version: 4.0.7
cpe:2.3:a:libtiff:libtiff:4.0.7:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2017-5225

EPSS FAQ

0.98%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 75 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-5225

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2017-5225

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-5225

http://bugzilla.maptools.org/show_bug.cgi?id=2656

Bug 2656 – Heap based buffer overflow in tools/tiffcp
Exploit;Issue Tracking
http://bugzilla.maptools.org/show_bug.cgi?id=2657

Bug 2657 – Heap based buffer overflow in tools/tiffcp
Exploit;Issue Tracking
http://www.securityfocus.com/bid/95413

LibTIFF CVE-2017-5225 Heap Buffer Overflow Vulnerability
Third Party Advisory;VDB Entry
http://www.securitytracker.com/id/1037911

LibTIFF Heap Overflow in tiffcp() in Processing Files Lets Remote Users Execute Arbitrary Code - SecurityTracker
http://www.debian.org/security/2017/dsa-3844

Debian -- Security Information -- DSA-3844-1 tiff

CVEs referencing this url
https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7

* tools/tiffcp.c: error out cleanly in cpContig2SeparateByRow and · vadz/libtiff@5c08029 · GitHub
Patch
https://security.gentoo.org/glsa/201709-27

libTIFF: Multiple vulnerabilities (GLSA 201709-27) — Gentoo security

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2017-5225

Products affected by CVE-2017-5225

Exploit prediction scoring system (EPSS) score for CVE-2017-5225

CVSS scores for CVE-2017-5225

CWE ids for CVE-2017-5225

References for CVE-2017-5225