CVE-2014-8127

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2014-8127

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2014-8127.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2014-8127

Related

Published

2017-06-26T15:29:00Z

Modified

2024-08-01T07:46:27.188179Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tifdir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tifgetimage.c in the tiff2rgba tool, LZWPreDecode function in tiflzw.c in the (4) tiff2ps or (5) tiffdither tool, (6) NeXTDecode function in tifnext.c in the tiffmedian tool, or (7) TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool.

References

Affected packages

Alpine:v3.2 / tiff

Package

Name: tiff
Purl: pkg:apk/alpine/tiff?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.7-r0

Affected versions

3.*

3.8.2-r0

3.8.2-r1

3.8.2-r2

3.8.2-r3

3.8.2-r4

3.9.5-r0

3.9.5-r1

4.*

4.0.1-r0

4.0.2-r0

4.0.2-r1

4.0.3-r0

4.0.3-r1

4.0.3-r2

4.0.3-r3

4.0.6-r0

4.0.6-r1

4.0.6-r2

Alpine:v3.3 / tiff

Package

Name: tiff
Purl: pkg:apk/alpine/tiff?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.7-r0

Affected versions

3.*

3.8.2-r0

3.8.2-r1

3.8.2-r2

3.8.2-r3

3.8.2-r4

3.9.5-r0

3.9.5-r1

4.*

4.0.1-r0

4.0.2-r0

4.0.2-r1

4.0.3-r0

4.0.3-r1

4.0.3-r2

4.0.3-r3

4.0.6-r0

4.0.6-r1

4.0.6-r3

4.0.6-r4

Alpine:v3.4 / tiff

Package

Name: tiff
Purl: pkg:apk/alpine/tiff?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.7-r0

Affected versions

3.*

3.8.2-r0

3.8.2-r1

3.8.2-r2

3.8.2-r3

3.8.2-r4

3.9.5-r0

3.9.5-r1

4.*

4.0.1-r0

4.0.2-r0

4.0.2-r1

4.0.3-r0

4.0.3-r1

4.0.3-r2

4.0.3-r3

4.0.6-r0

4.0.6-r1

4.0.6-r3

4.0.6-r4

Debian:11 / tiff

Package

Name: tiff
Purl: pkg:deb/debian/tiff?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.6-3

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / tiff

Package

Name: tiff
Purl: pkg:deb/debian/tiff?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.6-3

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / tiff

Package

Name: tiff
Purl: pkg:deb/debian/tiff?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.6-3

Ecosystem specific

{
    "urgency": "unimportant"
}