CVE-2016-9537

Priority
Description
tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities
in buffers. Reported as MSVR 35093, MSVR 35096, and MSVR 35097.
Notes
tyhicksRating as low since the flaw is in the tools rather than the
library
mdeslaursame commit as CVE-2016-9533
Package
Source: tiff (LP Ubuntu Debian)
Upstream:released (4.0.7-1)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.9.5-2ubuntu1.10)
Ubuntu 14.04 ESM (Trusty Tahr):released (4.0.3-7ubuntu0.6)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.0.6-1ubuntu0.1)
Patches:
Upstream:https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a
More Information

Updated: 2019-12-05 18:46:45 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)