mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 03:02:30 +00:00
1.1 KiB
1.1 KiB
CVE-2016-5314
Description
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.
POC
Reference
- http://www.openwall.com/lists/oss-security/2016/06/15/9
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html