LibTIFF is prone to multiple local memory-corruption vulnerabilities.
Attackers can exploit these issues to obtain sensitive information or to crash the affected application, resulting in a denial-of-service condition.
LibTIFF 4.0.8 is affected; other versions may also be affected.
Information
Bugtraq ID: 101696Class: Boundary Condition Error
CVE: CVE-2017-16232
Remote: No
Local: Yes
Published: Oct 30 2017 12:00AM
Updated: Nov 07 2017 06:06PM
Credit: ZHANG JIAWANG from cncert.
Vulnerable: LibTIFF LibTIFF 4.0.8
Not Vulnerable:
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.