oss-sec mailing list archives

Re: CVE request: LibTIFF tiffcrop: Heap buffer overflow via writeBufferToSeparateStrips


From: <cve-assign () mitre org>
Date: Mon, 21 Nov 2016 22:05:37 -0500


http://bugzilla.maptools.org/show_bug.cgi?id=2592

        * tools/tiffcrop.c: fix multiple uint32 overflows in
        writeBufferToSeparateStrips(), writeBufferToContigTiles() and
        writeBufferToSeparateTiles() that could cause heap buffer overflows.

Bug 2592 -
Summary:  Heap buffer overflow via writeBufferToSeparateStrips tiffcrop.c:1170

AddressSanitizer: heap-buffer-overflow
READ of size 223

Use CVE-2016-9532 for this integer overflow report with resultant
buffer over-read.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]

