Date: Thu, 30 Jun 2016 06:40:38 +0000 From: "ncl@...k.li" <ncl@...k.li> To: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: Re: Re: CVE request: Heap-based buffer overflow in LibTIFF when using the PixarLog compression format cve-assign@...re.org: >> heap-based buffer overflow in >> LibTIFF in the file libtiff/tif_pixarlog.c. The vulnerability allows an >> attacker to control the size of the allocated heap-buffer while >> independently controlling the data to be written to the buffer with no >> restrictions on the size of the written data. > >> revision 1.44 >> date: 2016-06-28 17:12:19 +0200; author: erouault; commitid: 2SqWSFG5a8Ewffcz; > >> * libtiff/tif_pixarlog.c: fix potential buffer write overrun in >> PixarLogDecode() on corrupted/unexpected images (reported by Mathias >> Svensson) > > Use CVE-2016-5875. I think this is a duplicate with CVE-2016-5320 and CVE-2016-5314. CVE-2016-5875 (buffer overrun in PixarLogDecode()) is CVE-2016-5314 (PixarLogDecode() out-of-bound writes) which causes CVE-2016-5320 (rgb2ycbcr command execution).
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ