Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
00074-libtiff-heapoverflow-TIFFFillStrip
README.md

README.md

CVE/EDB ID

CVE-2016-10270

Experiment Environment

Ubuntu 14.04

INSTALL and Configuration

http://www.libtiff.org/build.html

Problems in Installation and Configuration

n/a

How to trigger vulnerability

tiffcp -i $FILE /tmp/foo

PoC

In folder

Vulnerability Details and Patch

Root Cause

n/a

Stack Trace

==15106==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000edd8 at pc 0x7f33918c5de3 bp 0x7ffc5abe6ba0 sp 0x7ffc5abe6b98READ of size 8 at 0x60200000edd8 thread T0#0 0x7f33918c5de2 in TIFFFillStrip /tmp/portage/media-libs/tiff-4.0.7/work/tiff-4.0.7/libtiff/tif_read.c:523:22

Patch

https://github.com/vadz/libtiff/commit/9a72a69e035ee70ff5c41541c8c61cd97990d018

References

https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/

You can’t perform that action at this time.