LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-10-22T16:00:00

Updated: 2024-08-05T11:15:59.646Z

Reserved: 2018-10-22T00:00:00

Link: CVE-2018-18557

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-10-22T16:29:00.267

Modified: 2024-11-21T03:56:09.060

Link: CVE-2018-18557

cve-icon Redhat

Severity : Moderate

Publid Date: 2018-10-14T00:00:00Z

Links: CVE-2018-18557 - Bugzilla