CVE-2016-10371

Published: May 10, 2017Modified: May 13, 2026

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF file.

Affected (1)

Products: Libtiff: Libtiff

Libtiff

1 product

Libtiff

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Libtiff Libtiff	Version 4.0.6

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

http://bugzilla.maptools.org/show_bug.cgi?id=2535

Source: cve@mitre.org

Issue Tracking

http://bugzilla.maptools.org/show_bug.cgi?id=2612

Source: cve@mitre.org

Issue Tracking

https://usn.ubuntu.com/3602-1/

Source: cve@mitre.org

http://bugzilla.maptools.org/show_bug.cgi?id=2535

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking

http://bugzilla.maptools.org/show_bug.cgi?id=2612

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking

https://usn.ubuntu.com/3602-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.