LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.
{ "vanir_signatures": [ { "signature_version": "v1", "signature_type": "Function", "target": { "file": "tools/tiffcp.c", "function": "tiffcp" }, "id": "CVE-2017-5225-4e09e5be", "digest": { "length": 6122.0, "function_hash": "139757515412619317776256060797273960561" }, "deprecated": false, "source": "https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "tools/tiffcp.c", "function": "DECLAREcpFunc" }, "id": "CVE-2017-5225-56360e4e", "digest": { "length": 1011.0, "function_hash": "168156336267725420381506114202630947193" }, "deprecated": false, "source": "https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7" }, { "signature_version": "v1", "signature_type": "Line", "target": { "file": "tools/tiffcp.c" }, "id": "CVE-2017-5225-da219ced", "digest": { "line_hashes": [ "136248069597515547354886829352792017324", "276184522356552445469833162815849296552", "48733699451098292164688078749491633094", "25400277086004514631513115314684551438", "98582711887134687347867759195701524014", "101824058636121926936295693400555351272", "10611410785911493730315934183292050452", "322599227046705245941446755801945879635", "98582711887134687347867759195701524014", "101824058636121926936295693400555351272", "10611410785911493730315934183292050452", "322599227046705245941446755801945879635", "170271766192263683930282281212249681344", "229697156173984413749737760831716949294", "218489414069696955633694738271343607190", "43264974078353853148923916561927878852" ], "threshold": 0.9 }, "deprecated": false, "source": "https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7" }, { "signature_version": "v1", "signature_type": "Function", "target": { "file": "tools/tiffcp.c", "function": "DECLAREcpFunc" }, "id": "CVE-2017-5225-fa060928", "digest": { "length": 1011.0, "function_hash": "97221662646033453553265587060548636437" }, "deprecated": false, "source": "https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7" } ] }