CVE-2017-9117

MEDIUM

LibTIFF <4.0.6 - Buffer Overflow

Title source: llm

Description

In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the activation point is in the bmp2tiff.c file (which was removed before the 4.0.7 release).

References (4)

[Exploit, Issue Tracking, Third Party Advisory] http://bugzilla.maptools.org/show_bug.cgi?id=2690

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/98581

[Third Party Advisory] https://usn.ubuntu.com/3606-1/

[Issue Tracking] https://gitlab.com/libtiff/libtiff/-/issues/89

Scores

CVSS v3 4.0

EPSS 0.0011

EPSS Percentile 29.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Details

CWE

CWE-125

Status published

Products (5)

libtiff/libtiff

canonical/ubuntu_linux

canonical/ubuntu_linux

canonical/ubuntu_linux

LibTIFF/LibTIFF < 4.0.6

Published May 21, 2017

Tracked Since Feb 18, 2026