CVE-2017-5563

CVE-2017-5563

EPSS 3.0%

LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://bugzilla.maptools.org/show_bug.cgi?id=2664 https://security.gentoo.org/glsa/201709-27 https://usn.ubuntu.com/3606-1/http://www.securityfocus.com/bid/95705