[3.7] tiff: Multiple vulnerabilities (CVE-2017-9936, CVE-2017-10688)| ID: oval:org.secpod.oval:def:1800068 | Date: (C)2018-03-29 (M)2022-08-31 |
| Class: PATCH | Family: unix |
CVE-2017-9936: In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack. Reference:¶ Patch:¶ CVE-2017-10688: In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. A crafted input will lead to a remote denial of service attack. Reference:¶ Patch:¶
| Platform: |
| Alpine Linux 3.7 |
