{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-11-07T00:00:00", "descriptions": [{"lang": "en", "value": "The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-03T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "GLSA-201701-16", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201701-16"}, {"name": "[oss-security] 20161111 CVE Request: libtiff: read outside buffer in _TIFFPrintField()", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/11/12/2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2590"}, {"name": "[oss-security] 20161114 Re: CVE Request: libtiff: read outside buffer in _TIFFPrintField()", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/11/14/7"}, {"name": "DSA-3762", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3762"}, {"name": "94419", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94419"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-9297", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-201701-16", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-16"}, {"name": "[oss-security] 20161111 CVE Request: libtiff: read outside buffer in _TIFFPrintField()", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/11/12/2"}, {"name": "http://bugzilla.maptools.org/show_bug.cgi?id=2590", "refsource": "CONFIRM", "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2590"}, {"name": "[oss-security] 20161114 Re: CVE Request: libtiff: read outside buffer in _TIFFPrintField()", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/11/14/7"}, {"name": "DSA-3762", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3762"}, {"name": "94419", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94419"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T02:42:11.260Z"}, "title": "CVE Program Container", "references": [{"name": "GLSA-201701-16", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201701-16"}, {"name": "[oss-security] 20161111 CVE Request: libtiff: read outside buffer in _TIFFPrintField()", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/11/12/2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2590"}, {"name": "[oss-security] 20161114 Re: CVE Request: libtiff: read outside buffer in _TIFFPrintField()", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/11/14/7"}, {"name": "DSA-3762", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2017/dsa-3762"}, {"name": "94419", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/94419"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-9297", "datePublished": "2017-01-18T17:00:00", "dateReserved": "2016-11-14T00:00:00", "dateUpdated": "2024-08-06T02:42:11.260Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "33708995-494C-476D-B0E3-1E78B9328699", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values."}, {"lang": "es", "value": "La funci\u00f3n TIFFFetchNormalTag en LibTiff 4.0.6 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites) a trav\u00e9s de valores de etiqueta TIFF_SETGET_C16ASCII o TIFF_SETGET_C32_ASCII manipulados."}], "id": "CVE-2016-9297", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-18T17:59:01.293", "references": [{"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch"], "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2590"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2017/dsa-3762"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/11/12/2"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/11/14/7"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94419"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201701-16"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2590"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2017/dsa-3762"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/11/12/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/11/14/7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94419"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201701-16"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "libtiff: Out-of-bounds heap read in _TIFFPrintField (tif_print.c:127)", "id": "1395264", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395264"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "draft"}, "cvss3": {"cvss3_base_score": "3.3", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-170", "details": ["The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values.", "An out-of-bounds heap read was discovered in libtiff. A crafted file could cause the application to crash or, potentially, disclose process memory."], "name": "CVE-2016-9297", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "compat-libtiff3", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "libtiff", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2016-11-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-9297\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-9297"], "statement": "Red Hat Product Security has rated this issue as having Low security\nimpact. This issue is not currently planned to be addressed in future\nupdates. For additional information, refer to the Issue Severity\nClassification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Low"}

{}