Vulnerability CVE-2016-3620

Vulnerability Name:

CVE-2016-3620 (CCN-112048)

Assigned:

2016-04-07

Published:

2016-04-07

Updated:

2017-09-03

Summary:

The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

4.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
3.8 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-125

Vulnerability Consequences:

Denial of Service

References:

Source: MISC
Type: Exploit, Issue Tracking, Third Party Advisory
http://bugzilla.maptools.org/show_bug.cgi?id=2570

Source: MITRE
Type: CNA
CVE-2016-3620

Source: CCN
Type: oss-sec Mailing List, Thu, 7 Apr 2016 07:36:20 +0000
CVE-2016-3620 libtiff: Out-of-bounds Read in the bmp2tiff tool

Source: CCN
Type: IBM Security Bulletin 882120 (Dynamic System Analysis (DSA) Preboot)
IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in libTIFF

Source: MLIST
Type: Exploit, Third Party Advisory
[oss-security] 20160407 CVE-2016-3620 libtiff: Out-of-bounds Read in the bmp2tiff tool

Source: CCN
Type: LibTIFF Web site
LibTIFF - TIFF Library and Utilities

Source: SECTRACK
Type: UNKNOWN
1035508

Source: XF
Type: UNKNOWN
libtiff-cve20163620-dos(112048)

Source: GENTOO
Type: UNKNOWN
GLSA-201701-16

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2016-3620

Vulnerable Configuration:

Configuration 1:

cpe:/a:libtiff:libtiff:*:*:*:*:*:*:*:* (Version <= 4.0.6)

Configuration CCN 1:

cpe:/a:libtiff:libtiff:4.0.5:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20163620	V	CVE-2016-3620	2022-05-20
oval:org.opensuse.security:def:30288	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:34595	P	Security update for postgresql10 (Important)	2021-11-22
oval:org.opensuse.security:def:31705	P	Security update for postgresql, postgresql13, postgresql14 (Important)	2021-11-20
oval:org.opensuse.security:def:29446	P	Security update for postgresql, postgresql13, postgresql14 (Important)	2021-11-20
oval:org.opensuse.security:def:30120	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:33699	P	Security update for MozillaFirefox (Important)	2021-08-17
oval:org.opensuse.security:def:34505	P	Security update for libcares2 (Important)	2021-08-16
oval:org.opensuse.security:def:30109	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:30108	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:31661	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:32954	P	Security update for libnettle (Important)	2021-06-23
oval:org.opensuse.security:def:31639	P	Security update for freeradius-server (Moderate)	2021-06-11
oval:org.opensuse.security:def:36434	P	libapr1-1.3.3-11.18.19.8 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36392	P	dhcp-devel-4.2.4.P2-0.22.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:34448	P	Security update for libwebp (Critical)	2021-06-02
oval:org.opensuse.security:def:33655	P	Security update for curl (Moderate)	2021-05-27
oval:org.opensuse.security:def:30194	P	Security update for the Linux Kernel (Important)	2021-05-17
oval:org.opensuse.security:def:33631	P	Security update for spamassassin (Important)	2021-04-12
oval:org.opensuse.security:def:33089	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:35285	P	Security update for avahi (Moderate)	2021-02-23
oval:org.opensuse.security:def:31339	P	Security update for the Linux Kernel (Important)	2021-02-12
oval:org.opensuse.security:def:28934	P	Security update for openvswitch (Important)	2021-02-12
oval:org.opensuse.security:def:31252	P	Security update for openvswitch (Important)	2021-02-02
oval:org.opensuse.security:def:31195	P	Security update for java-1_7_1-ibm (Moderate)	2021-01-04
oval:org.opensuse.security:def:34337	P	Security update for python36 (Important)	2020-12-17
oval:org.opensuse.security:def:28865	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:35754	P	libmysqlclient15-32bit-5.0.94-0.2.4.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35710	P	gnome-screensaver-2.28.3-0.28.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35682	P	cyrus-imapd-2.3.11-60.65.64.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35643	P	systemtap-1.0-0.15.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35594	P	libopensc2-0.11.6-5.25.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35535	P	cyrus-imapd-2.3.11-60.21.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35649	P	wireshark-1.0.5-1.34.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35608	P	libxml2-2.7.6-0.1.37 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31559	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:30857	P	Security update for dnsmasq (Moderate)	2020-12-01
oval:org.opensuse.security:def:28854	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:30818	P	Security update for cpio (Moderate)	2020-12-01
oval:org.opensuse.security:def:28853	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:34350	P	Security update for strongswan (Important)	2020-12-01
oval:org.opensuse.security:def:30769	P	Security update for audiofile (Moderate)	2020-12-01
oval:org.opensuse.security:def:34214	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:30714	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:34130	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:30559	P	Security update for MySQL	2020-12-01
oval:org.opensuse.security:def:34119	P	Security update for ncurses (Important)	2020-12-01
oval:org.opensuse.security:def:30472	P	Security update for bind	2020-12-01
oval:org.opensuse.security:def:32382	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:34118	P	Security update for ncurses (Moderate)	2020-12-01
oval:org.opensuse.security:def:30415	P	Security update for xorg-x11-libXdmcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:32343	P	Security update for spice (Important)	2020-12-01
oval:org.opensuse.security:def:30326	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:35375	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:35228	P	Security update for libmspack	2020-12-01
oval:org.opensuse.security:def:31600	P	Security update for tightvnc (Important)	2020-12-01
oval:org.opensuse.security:def:28418	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:35127	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31551	P	Security update for shim	2020-12-01
oval:org.opensuse.security:def:28383	P	Security update for rubygem-activesupport-3_2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34991	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:31495	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:27745	P	Security update for MozillaFirefox, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:34907	P	Security update for dnsmasq (Important)	2020-12-01
oval:org.opensuse.security:def:27701	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:34896	P	Security update for cyrus-imapd (Low)	2020-12-01
oval:org.opensuse.security:def:27687	P	Security update for xorg-x11-libXext	2020-12-01
oval:org.opensuse.security:def:34377	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:34895	P	Security update for cyrus-imapd (Important)	2020-12-01
oval:org.opensuse.security:def:27648	P	Security update for libxslt	2020-12-01
oval:org.opensuse.security:def:31103	P	Security update for kernel-source (Important)	2020-12-01
oval:org.opensuse.security:def:27599	P	Security update for PHP5	2020-12-01
oval:org.opensuse.security:def:30971	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27546	P	python-logilab-common on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30897	P	Security update for Mozilla Firefox (Important)	2020-12-01
oval:org.opensuse.security:def:27395	P	evolution on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30886	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:27311	P	unixODBC_23 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33592	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:30325	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:30885	P	Security update for MozillaFirefox	2020-12-01
oval:org.opensuse.security:def:27254	P	openvpn on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33543	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:27173	P	libapr-util1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33486	P	Security update for libpoppler	2020-12-01
oval:org.opensuse.security:def:29650	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:27045	P	tgt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33329	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:29606	P	Security update for bash (Moderate)	2020-12-01
oval:org.opensuse.security:def:26981	P	libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33241	P	python on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29588	P	Security update for php5	2020-12-01
oval:org.opensuse.security:def:26970	P	libsamplerate on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33184	P	libsss_idmap0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29549	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26969	P	librsvg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29500	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:34970	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:34926	P	Security update for expat (Moderate)	2020-12-01
oval:org.opensuse.security:def:32875	P	gstreamer-0_10-plugins-base on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29293	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:34900	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:32864	P	fuse on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29208	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:34861	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:31597	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:32863	P	freetype2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29151	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:34812	P	Security update for apache2-mod_perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:29065	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:34754	P	Security update for MozillaFirefox, mozilla-nss, mozilla-nspr (Important)	2020-12-01
oval:org.opensuse.security:def:30921	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:30877	P	Security update for facter (Moderate)	2020-12-01
oval:com.ubuntu.artful:def:20163620000	V	CVE-2016-3620 on Ubuntu 17.10 (artful) - negligible.	2016-10-03
oval:com.ubuntu.precise:def:20163620000	V	CVE-2016-3620 on Ubuntu 12.04 LTS (precise) - low.	2016-10-03
oval:com.ubuntu.xenial:def:201636200000000	V	CVE-2016-3620 on Ubuntu 16.04 LTS (xenial) - negligible.	2016-10-03
oval:com.ubuntu.trusty:def:20163620000	V	CVE-2016-3620 on Ubuntu 14.04 LTS (trusty) - negligible.	2016-10-03
oval:com.ubuntu.xenial:def:20163620000	V	CVE-2016-3620 on Ubuntu 16.04 LTS (xenial) - negligible.	2016-10-03

BACK