Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-606-1 | tiff security update |
![]() |
DLA-610-1 | tiff3 security update |
![]() |
DSA-3762-1 | tiff security update |
![]() |
EUVD-2016-5000 | Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles. |
![]() |
USN-3212-1 | LibTIFF vulnerabilities |
![]() |
USN-3212-3 | LibTIFF vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T00:10:32.035Z
Reserved: 2016-04-08T00:00:00
Link: CVE-2016-3991

No data.

Status : Deferred
Published: 2016-09-21T18:59:03.863
Modified: 2025-04-12T10:46:40.837
Link: CVE-2016-3991


No data.