CVE-2018-12900
HIGHLibTIFF 3.9.3-4.0.9 - Heap-based Buffer Overflow in cpSeparateBufToContigBuf
Title source: llmDescription
Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.
References (8)
Core 8
Core References
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
http://bugzilla.maptools.org/show_bug.cgi?id=2798
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3906-1/
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3906-2/
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:2053
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:3419
Mailing List mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2019/11/msg00027.html
Third Party Advisory vendor-advisory
x_refsource_debian
https://www.debian.org/security/2020/dsa-4670
Various Sources x_refsource_misc
https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-12900
Scores
CVSS v3
8.8
EPSS
0.0989
EPSS Percentile
93.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-787
Status
published
Products (5)
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
18.04
canonical/ubuntu_linux
18.10
libtiff/libtiff
4.0.9
Published
Jun 26, 2018
Tracked Since
Feb 18, 2026