Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: VEX Vulnerability Details

SANS Site Network

Current Site

SANS Internet Storm Center

Other SANS Sites Help

Graduate Degree Programs

Security Training

Security Certification

Security Awareness Training

Penetration Testing

Industrial Control Systems

Cyber Defense Foundations

DFIR

Software Security

Government OnSite Training

VEX Vulnerability Details

Log In or Sign Up for Free!

VEXID-201150
Published	2017-01-20 15:59:00
Last Modified	2017-01-20 19:23:15
AKA	CVE-2016-5321
Summary	The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers tocause a denial of service (invalid read and crash) via a crafted tiff image.
CVSS Score	4.3
CVSS Source	http://nvd.nist.gov

CVSS
Access Vector	Local	Adjacent	Network
Access Complexity	Low	Medium	High
Authentication	None	Single	Multiple
Confidentiality	None	Partial	Complete
Integrity	None	Partial	Complete
Availability	None	Partial	Complete

References
Type	Content
Vendor Advisory	openSUSE-SU-2016:3035