Skip to content

libtiff_cve-2016-10094

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

libtiff_cve-2016-10094

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
root_causes
root_causes
 
 
seeds
seeds
 
 
README.md
README.md
 
 
build.sh
build.sh
 
 
config.sh
config.sh
 
 
preinstall.sh
preinstall.sh
 
 

README.md

libtiff/cve-2016-10094

description

In t2p_readwrite_pdf_image_tile(), the condition in an if-statement is wrong and causes heap-based buffer overflow.

references

http://bugzilla.maptools.org/show_bug.cgi?id=2640

https://nvd.nist.gov/vuln/detail/CVE-2016-10094

patch commit

https://github.com/vadz/libtiff/commit/c7153361a4041260719b340f73f2f76b0969235c

fixed files

https://github.com/vadz/libtiff/commit/c7153361a4041260719b340f73f2f76b0969235c#diff-326b117714248eea304b7838f7803e1e6f9f3a27f6c3004bada9b24c6a6800c5

Source of PoC

https://github.com/asarubbo/poc/blob/master/00112-libtiff-heapoverflow-_TIFFmemcpy