CVE-2017-9815

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
22/06/2017
Last modified:
20/04/2025

Description

In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:libtiff:libtiff:4.0.7:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*