CVE-2014-8130 — MEDIUM (6.5)

Vulnerability Description

The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.

CVSS Score

6.5

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Libtiff	Libtiff	4.0.3
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Server	6.0
Redhat	Enterprise Linux Server Aus	7.2
Redhat	Enterprise Linux Server Eus	7.2
Redhat	Enterprise Linux Server Tus	7.2
Redhat	Enterprise Linux Workstation	6.0
Apple	Mac Os X	10.8.5
Apple	Iphone Os	All versions

Related Weaknesses (CWE)

CWE-369

References

http://bugzilla.maptools.org/show_bug.cgi?id=2483ExploitIssue Tracking
http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.htmlMailing ListThird Party Advisory
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.htmlMailing ListThird Party Advisory
http://openwall.com/lists/oss-security/2015/01/24/15Mailing List
http://rhn.redhat.com/errata/RHSA-2016-1546.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1547.htmlThird Party Advisory
http://support.apple.com/kb/HT204941Third Party Advisory
http://support.apple.com/kb/HT204942Third Party Advisory
http://www.conostix.com/pub/adv/CVE-2014-8130-LibTIFF-Division_By_Zero.txtThird Party Advisory
http://www.securityfocus.com/bid/72353Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1032760Third Party AdvisoryVDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1185817Issue TrackingPatch
https://github.com/vadz/libtiff/commit/3c5eb8b1be544e41d2c336191bc4936300ad7543Patch
https://security.gentoo.org/glsa/201701-16Third Party Advisory
http://bugzilla.maptools.org/show_bug.cgi?id=2483ExploitIssue Tracking

FAQ

What is CVE-2014-8130?

CVE-2014-8130 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a craft...

How severe is CVE-2014-8130?

CVE-2014-8130 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-8130?

Check the references section above for vendor advisories and patch information. Affected products include: Libtiff Libtiff, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.