CVE-2016-9535 in Apple macOSinfo

Summary

tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."

Reservation

11/21/2016

Disclosure

11/22/2016

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
98719	Apple macOS tiffutil memory corruption	119	Not defined	Official fix	CVE-2016-9535
93748	LibTIFF Debug Mode/Release Mode tif_predict.c memory corruption	119	Not defined	Official fix	CVE-2016-9535

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!