CVE-2016-5102

Published: Feb 6, 2017Modified: May 13, 2026

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file.

Affected (1)

Products: Libtiff: Libtiff

Libtiff

1 product

Libtiff

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Libtiff Libtiff	Up to 4.0.6

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://bugzilla.maptools.org/show_bug.cgi?id=2552

Source: cve@mitre.org

Issue TrackingThird Party Advisory

http://www.securityfocus.com/bid/96049

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1343407

Source: cve@mitre.org

Issue TrackingThird Party Advisory

https://security.gentoo.org/glsa/201701-16

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3606-1/

Source: cve@mitre.org

http://bugzilla.maptools.org/show_bug.cgi?id=2552