Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 24 Dec 2015 06:36:03 +0000
From: limingxing <>
To: "" <>
CC: 黄永刚 <>
Subject: CVE request --  Out-of-bounds Read in libtiff


We want to report 1 vulnerability in libtiff 4.0.6! 
The issue is about  tif_getimage.c line: 1403

            *cp++ = PACK4(pp[0], pp[1], pp[2], pp[3]);
            pp += samplesperpixel);

if  samplesperpixel = 3 ,pp[3] cause Out-of-bounds Read !

Could you give we a cve ?  Please credit it for:   “LMX of Qihoo 360 Codesafe Team”

Best Regards,
Download attachment "" of type "application/octet-stream" (228 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ