← back
CVE-2016-9534

CVE-2016-9534

EPSS 3.6%
tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow."
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://rhn.redhat.com/errata/RHSA-2017-0225.htmlhttps://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-5be5ce02d0dea67050d5b2a10102d1bahttp://www.debian.org/security/2017/dsa-3762http://www.securityfocus.com/bid/94484http://www.securityfocus.com/bid/94743