[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: CVE request libtiff: out-of-bounds read in CIE Lab image format
From:       cve-assign () mitre ! org
Date:       2015-12-26 3:10:58
Message-ID: 20151226031058.705046C0009 () smtpvmsrv1 ! mitre ! org
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> If the data of image is packed ... a pixel only owns one byte. But in
> the implementation of putcontig8bitCIELab, it eats 3 bytes per pixel.
> This will lead to an out-of-bounds read

> tif_getimage.c, libtiff v4.0.6

> DECLAREContigPutFunc(putcontig8bitCIELab)

Use CVE-2015-8683.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWfgSfAAoJEL54rhJi8gl5gSkP/Amj1H6Tkb0IbaNaAbowHfeg
9j/mJ8EEzkokXlEgP/1GwElnwOw7e2wRE6HP8is1eFmoEKzrOW06RSYmqT6S88jT
QkKqH/YCvpdgNlwBH+a88KIwfDqX1KAlPVrWtrgv5RWk+gRaH6Z8lYlCzFDq54Yw
DnoZKaw+qMvsxmBvKOPgSB2pYQ6XjtxI8iFSZqpWc8utsmRlVnnV86/ocT3gVFN8
Sn0Cs94uRhsg7P41eWSA+l1A2phE3RB3xflMU4HKlii3wBLvEFMTNkYSPe5IopB0
XYxmwYsbQOTr0GWmrmjRYUvQlNn5o8XN3LaKGUOkpFzxvAxJrD2sATXhqeVSPyjw
WmeKBfJc0bNQxqYpxssJpDZnpwpG/eSm5RNSL85IZwB+XAVDjq5HejWwmCExkDSU
cNd06MghW42aHQPqJuSDK0VO6gQ4lcrXQf8VVRHLeAg4N40C0znt4aYIuu0FYJ0Z
D9qwrph0o6soYQXo0OeiBdTko7Vm1CN77f8icHT6SonLOXVndkjSxc3dsvumAhWk
HWPIDlDfCk162zKrSw83wCdzYTO3Nrt9yVOntmQoRzGgOhcXoZWIg6GVyDZAeRxy
9dT2MH7oXOjyM7wzxhiQyDGrsKVQjlw2zwXMTohY9MXUmfNrXMQP92ageSXxAR/m
9GaWzVP4oKh2l3uip3rH
=Yunc
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]