CVE-2016-8707

Priority
Medium
Description
An exploitable out of bounds write exists in the handling of compressed
TIFF images in ImageMagicks's convert utility. A crafted TIFF document can
lead to an out of bounds write which in particular circumstances could be
leveraged into remote code execution. The vulnerability can be triggered
through any user controlled TIFF that is handled by this functionality.
References
Bugs
Notes
 mdeslaur> This is 0175-Fix-possible-buffer-overflow-when-writing-compressed.patch
 mdeslaur> and 0176-Fix-possible-buffer-overflow-when-writing-compressed.patch
Package
Upstream:released (8:6.9.7.0+dfsg-1)
Ubuntu 12.04 LTS (Precise Pangolin):released (8:6.6.9.7-5ubuntu3.8)
Ubuntu 14.04 LTS (Trusty Tahr):released (8:6.7.7.10-6ubuntu3.5)
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (8:6.8.9.9-7ubuntu5.5)
Ubuntu 16.10 (Yakkety Yak):released (8:6.8.9.9-7ubuntu8.4)
Ubuntu 17.04 (Zesty Zapus):pending (8:6.9.7.0+dfsg-2ubuntu1)
More Information

Updated: 2017-03-08 15:14:18 UTC (commit 12196)