CVE-2016-3619 in Apple tvOSinfo

Summary

The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.

Reservation

03/21/2016

Disclosure

10/03/2016

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
98862	Apple tvOS ImageIO out-of-bounds	125	Proof-of-Concept	Official fix	CVE-2016-3619
98828	Apple watchOS ImageIO out-of-bounds	125	Proof-of-Concept	Official fix	CVE-2016-3619
98747	Apple iOS ImageIO out-of-bounds	125	Proof-of-Concept	Official fix	CVE-2016-3619
98717	Apple macOS tiffutil out-of-bounds	125	Not defined	Official fix	CVE-2016-3619
98637	Apple macOS ImageIO out-of-bounds	125	Proof-of-Concept	Official fix	CVE-2016-3619
92306	LibTIFF bmp2tiff tif_dumpmode.c DumpModeEncode out-of-bounds	125	Not defined	Official fix	CVE-2016-3619

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!