A vulnerability was found in the libtiff library. Using a tiffset command on a maliciously crafted image could result in a denial-of-service.

Vulnerable code:

/libtiff/tif_dirwrite.c: 1625

1623     for (q=p, ma=value, mb=0; mb<count; ma++, mb++, q++)
1624     {
1625         if (*ma>0xFFFFFFFF)
1626         {
1627             TIFFErrorExt(tif->tif_clientdata,module,
1628                 "Attempt to write value larger than 0xFFFFFFFF in Classic TIFF file.");
1629             _TIFFfree(p);
1630             return(0);
1631         }
1632         *q= (uint32)(*ma);
1633     }

References:

http://www.openwall.com/lists/oss-security/2016/04/08/12
External References: http://bugzilla.maptools.org/show_bug.cgi?id=2546
*** This bug has been marked as a duplicate of bug 1185805 ***
Statement: This flaw was found to be a duplicate of CVE-2014-8127. Please see https://access.redhat.com/security/cve/CVE-2014-8127 for information about affected products and security errata.