Vulnerability Name: CVE-2015-8870 (CCN-120073)

Assigned: 2015-01-28
Published: 2015-01-28
Updated: 2018-01-05
Summary: Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file.
CVSS v3 Severity: 7.4 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H)
6.4 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): None
Availability (A): High
5.4 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L)
4.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): None
Availability (A): Low
4.4 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L)
3.9 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): None
Availability (A): Low
CVSS v2 Severity: 5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): Partial
5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): Partial
5.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): Partial
Vulnerability Type: CWE-190
CWE-20
Vulnerability Consequences: Denial of Service
References:
Source: MITRE
Type: CNA
CVE-2015-8870

Source: CONFIRM
Type: Patch
http://download.osgeo.org/libtiff/tiff-4.0.4.tar.gz

Source: CCN
Type: RHSA-2017-0225
Moderate: libtiff security update

Source: REDHAT
Type: UNKNOWN
RHSA-2017:0225

Source: CCN
Type: floyd's Blog, January 28, 2015
About the CVEs in libtiff 4.0.3

Source: MISC
Type: Third Party Advisory
http://www.floyd.ch/?p=874BMP

Source: CCN
Type: IBM Security Bulletin 882120 (Dynamic System Analysis (DSA) Preboot)
IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in libTIFF

Source: BID
Type: UNKNOWN
94717

Source: CCN
Type: BID-94717
LibTIFF CVE-2015-8870 Integer Overflow Vulnerability

Source: XF
Type: UNKNOWN
libtiff-cve20158870-dos(120073)

Source: CCN
Type: LibTIFF GIT Repository
LibTIFF

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:libtiff:libtiff:*:*:*:*:*:*:*:* (Version <= 4.0.3)

Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 10:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:libtiff:libtiff:4.0.3:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation:7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions

Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20158870 | V | CVE-2015-8870 | 2022-05-20
oval:org.opensuse.security:def:30288 | P | Security update for java-1_8_0-ibm (Important) (in QA) | 2022-01-04
oval:org.opensuse.security:def:34595 | P | Security update for postgresql10 (Important) | 2021-11-22
oval:org.opensuse.security:def:31705 | P | Security update for postgresql, postgresql13, postgresql14 (Important) | 2021-11-20
oval:org.opensuse.security:def:29446 | P | Security update for postgresql, postgresql13, postgresql14 (Important) | 2021-11-20
oval:org.opensuse.security:def:30120 | P | Security update for bind (Moderate) | 2021-08-30
oval:org.opensuse.security:def:33699 | P | Security update for MozillaFirefox (Important) | 2021-08-17
oval:org.opensuse.security:def:34505 | P | Security update for libcares2 (Important) | 2021-08-16
oval:org.opensuse.security:def:30109 | P | Security update for djvulibre (Important) | 2021-08-05
oval:org.opensuse.security:def:30108 | P | Security update for libsndfile (Critical) | 2021-08-05
oval:org.opensuse.security:def:31661 | P | Security update for webkit2gtk3 (Important) | 2021-08-03
oval:org.opensuse.security:def:32954 | P | Security update for libnettle (Important) | 2021-06-23
oval:org.opensuse.security:def:31639 | P | Security update for freeradius-server (Moderate) | 2021-06-11
oval:org.opensuse.security:def:36434 | P | libapr1-1.3.3-11.18.19.8 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:36392 | P | dhcp-devel-4.2.4.P2-0.22.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:34448 | P | Security update for libwebp (Critical) | 2021-06-02
oval:org.opensuse.security:def:33655 | P | Security update for curl (Moderate) | 2021-05-27
oval:org.opensuse.security:def:30194 | P | Security update for the Linux Kernel (Important) | 2021-05-17
oval:org.opensuse.security:def:33631 | P | Security update for spamassassin (Important) | 2021-04-12
oval:org.opensuse.security:def:33089 | P | Security update for python-cryptography (Important) | 2021-03-02
oval:org.opensuse.security:def:35285 | P | Security update for avahi (Moderate) | 2021-02-23
oval:org.opensuse.security:def:31339 | P | Security update for the Linux Kernel (Important) | 2021-02-12
oval:org.opensuse.security:def:28934 | P | Security update for openvswitch (Important) | 2021-02-12
oval:org.opensuse.security:def:31252 | P | Security update for openvswitch (Important) | 2021-02-02
oval:org.opensuse.security:def:31195 | P | Security update for java-1_7_1-ibm (Moderate) | 2021-01-04
oval:org.opensuse.security:def:34337 | P | Security update for python36 (Important) | 2020-12-17
oval:org.opensuse.security:def:28865 | P | Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important) | 2020-12-07
oval:org.opensuse.security:def:35754 | P | libmysqlclient15-32bit-5.0.94-0.2.4.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:35710 | P | gnome-screensaver-2.28.3-0.28.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:35682 | P | cyrus-imapd-2.3.11-60.65.64.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:35643 | P | systemtap-1.0-0.15.16 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:35594 | P | libopensc2-0.11.6-5.25.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:35535 | P | cyrus-imapd-2.3.11-60.21.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:35649 | P | wireshark-1.0.5-1.34.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:35608 | P | libxml2-2.7.6-0.1.37 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:31559 | P | Security update for gdm (Important) | 2020-12-03
oval:org.opensuse.security:def:30857 | P | Security update for dnsmasq (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28854 | P | Security update for xorg-x11-server (Important) | 2020-12-01
oval:org.opensuse.security:def:30818 | P | Security update for cpio (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28853 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:34350 | P | Security update for strongswan (Important) | 2020-12-01
oval:org.opensuse.security:def:30769 | P | Security update for audiofile (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34214 | P | Security update for php5 (Important) | 2020-12-01
oval:org.opensuse.security:def:30714 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:34130 | P | Security update for ntp (Important) | 2020-12-01
oval:org.opensuse.security:def:30559 | P | Security update for MySQL | 2020-12-01
oval:org.opensuse.security:def:34119 | P | Security update for ncurses (Important) | 2020-12-01
oval:org.opensuse.security:def:30472 | P | Security update for bind | 2020-12-01
oval:org.opensuse.security:def:32382 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34118 | P | Security update for ncurses (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30415 | P | Security update for xorg-x11-libXdmcp (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32343 | P | Security update for spice (Important) | 2020-12-01
oval:org.opensuse.security:def:30326 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35375 | P | Security update for ntp (Important) | 2020-12-01
oval:org.opensuse.security:def:35228 | P | Security update for libmspack | 2020-12-01
oval:org.opensuse.security:def:31600 | P | Security update for tightvnc (Important) | 2020-12-01
oval:org.opensuse.security:def:28418 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35127 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:31551 | P | Security update for shim | 2020-12-01
oval:org.opensuse.security:def:28383 | P | Security update for rubygem-activesupport-3_2 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34991 | P | Security update for glibc (Important) | 2020-12-01
oval:org.opensuse.security:def:31495 | P | Security update for Python | 2020-12-01
oval:org.opensuse.security:def:27745 | P | Security update for MozillaFirefox, mozilla-nss (Important) | 2020-12-01
oval:org.opensuse.security:def:34907 | P | Security update for dnsmasq (Important) | 2020-12-01
oval:org.opensuse.security:def:27701 | P | Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important) | 2020-12-01
oval:org.opensuse.security:def:34896 | P | Security update for cyrus-imapd (Low) | 2020-12-01
oval:org.opensuse.security:def:27687 | P | Security update for xorg-x11-libXext | 2020-12-01
oval:org.opensuse.security:def:34377 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34895 | P | Security update for cyrus-imapd (Important) | 2020-12-01
oval:org.opensuse.security:def:27648 | P | Security update for libxslt | 2020-12-01
oval:org.opensuse.security:def:31103 | P | Security update for kernel-source (Important) | 2020-12-01
oval:org.opensuse.security:def:27599 | P | Security update for PHP5 | 2020-12-01
oval:org.opensuse.security:def:30971 | P | Security update for gtk2 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27546 | P | python-logilab-common on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30897 | P | Security update for Mozilla Firefox (Important) | 2020-12-01
oval:org.opensuse.security:def:27395 | P | evolution on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30886 | P | Security update for Mozilla Firefox | 2020-12-01
oval:org.opensuse.security:def:27311 | P | unixODBC_23 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33592 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:30325 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30885 | P | Security update for MozillaFirefox | 2020-12-01
oval:org.opensuse.security:def:27254 | P | openvpn on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33543 | P | Security update for ImageMagick (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27173 | P | libapr-util1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33486 | P | Security update for libpoppler | 2020-12-01
oval:org.opensuse.security:def:29650 | P | Security update for curl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27045 | P | tgt on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33329 | P | Security update for curl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29606 | P | Security update for bash (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26981 | P | libxml2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33241 | P | python on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29588 | P | Security update for php5 | 2020-12-01
oval:org.opensuse.security:def:26970 | P | libsamplerate on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33184 | P | libsss_idmap0 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29549 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:26969 | P | librsvg on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29500 | P | Security update for ImageMagick (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34970 | P | Security update for gd (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34926 | P | Security update for expat (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32875 | P | gstreamer-0_10-plugins-base on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29293 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:34900 | P | Security update for dhcp (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32864 | P | fuse on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29208 | P | Security update for openssl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34861 | P | Security update for clamav (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31597 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32863 | P | freetype2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29151 | P | Security update for libssh2_org (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34812 | P | Security update for apache2-mod_perl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29065 | P | Security update for clamav (Important) | 2020-12-01
oval:org.opensuse.security:def:34754 | P | Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Important) | 2020-12-01
oval:org.opensuse.security:def:30921 | P | Security update for gd (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30877 | P | Security update for facter (Moderate) | 2020-12-01
oval:com.redhat.rhsa:def:20170225 | P | RHSA-2017:0225: libtiff security update (Moderate) | 2017-02-01
oval:com.ubuntu.precise:def:20158870000 | V | CVE-2015-8870 on Ubuntu 12.04 LTS (precise) - medium. | 2016-12-06
oval:com.ubuntu.xenial:def:201588700000000 | V | CVE-2015-8870 on Ubuntu 16.04 LTS (xenial) - medium. | 2016-12-06
oval:com.ubuntu.trusty:def:20158870000 | V | CVE-2015-8870 on Ubuntu 14.04 LTS (trusty) - medium. | 2016-12-06
oval:com.ubuntu.xenial:def:20158870000 | V | CVE-2015-8870 on Ubuntu 16.04 LTS (xenial) - medium. | 2016-12-06