CVE-2017-9117 — MEDIUM (4.0)

Vulnerability Description

In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the activation point is in the bmp2tiff.c file (which was removed before the 4.0.7 release).

CVSS Score

4.0

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Libtiff	Libtiff	4.0.7
Canonical	Ubuntu Linux	14.04

Related Weaknesses (CWE)

CWE-125

References

http://bugzilla.maptools.org/show_bug.cgi?id=2690ExploitIssue TrackingThird Party Advisory
http://www.securityfocus.com/bid/98581Third Party AdvisoryVDB Entry
https://gitlab.com/libtiff/libtiff/-/issues/89
https://usn.ubuntu.com/3606-1/Third Party Advisory
http://bugzilla.maptools.org/show_bug.cgi?id=2690ExploitIssue TrackingThird Party Advisory
http://www.securityfocus.com/bid/98581Third Party AdvisoryVDB Entry
https://usn.ubuntu.com/3606-1/Third Party Advisory

FAQ

What is CVE-2017-9117?

CVE-2017-9117 is a vulnerability with a CVSS score of 4.0 (MEDIUM). In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a...

How severe is CVE-2017-9117?

CVE-2017-9117 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-9117?

Check the references section above for vendor advisories and patch information. Affected products include: Libtiff Libtiff, Canonical Ubuntu Linux.