CVE-2019-14973
Published: 08/14/2019 06:15:10
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.
MEDIUM
CVSS v3: 6.5
CVSS v3: 6.5
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 25.1 | libtiff (4.6.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 24.4 | libtiff (4.6.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 24.4.0 | libtiff (4.6.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 24.3 | libtiff (4.6.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 24.2.1 | libtiff (4.6.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 24.2 | libtiff (4.6.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 24.1 | libtiff (4.6.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 23.3 | libtiff (4.5.1) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 23.2.1 | libtiff (4.3.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 23.2 | libtiff (4.3.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 23.1 | libtiff (4.3.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 22.4 | libtiff (4.3.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 22.3 | libtiff (4.3.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 22.2 | libtiff (4.3.0) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 22.1 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 21.11.1 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 21.11 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 21.8.1 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 21.8 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 21.5.1 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 21.5.0 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 21.2.0 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.20 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.19.3667 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.18.3599 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.17 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.16.3445 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.15.3368 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.14.3263 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.13.3179 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.12.3054 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.11.3040 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.11.2990 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.10.2934 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.9.2878 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
| 11.4.8.2822 | libtiff (4.0.8) | Not Affected | Code Not Present | code is not compiled into Document Filters. |
Severity score breakdown
Attack Complexity
LOW
Attack Vector
NETWORK
Availability Impact
HIGH
Base Score
6.5
Base Severity
MEDIUM
Confidentiality Impact
NONE
Integrity Impact
NONE
Privileges Required
NONE
Scope
UNCHANGED
User Interaction
REQUIRED
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Version
3.1