CVE-2019-17546 - tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an i

CVE-2019-17546

Summary

tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.

References

Vulnerable Configurations

cpe:2.3:a:libtiff:libtiff:-:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:-:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta18:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta18:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta24:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta24:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta28:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta28:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta29:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta29:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta31:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta31:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta32:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta32:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta34:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta34:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta35:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta35:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta36:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta36:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta37:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.4:beta37:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.6:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.6:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha2:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha2:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha3:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha3:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha4:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha4:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.5.7:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.6.0:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.6.0:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.6.0:beta2:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.6.0:beta2:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.0:alpha:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.0:alpha:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.0:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.0:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.0:beta2:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.0:beta2:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.3:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.3:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.4:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.7.4:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.8.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.8.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.8.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.0:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.0:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.2-5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.2-5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.3:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.3:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.4:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.4:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.5:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.5:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.6:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.6:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.7:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:3.9.7:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:alpha:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:alpha:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:beta3:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:beta3:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:beta4:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:beta4:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:beta5:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:beta5:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:beta6:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0:beta6:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.0:-:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.0:-:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.0:alpha:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.0:alpha:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.0:alpha4:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.0:alpha5:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.0:alpha6:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.0:alpha6:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.0:beta7:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.0:beta7:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.4:-:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.4:-:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.4:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.4:beta:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.8:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.8:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.9:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.9:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.10:*:*:*:*:*:*:*
cpe:2.3:a:libtiff:libtiff:4.0.10:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.1.8:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.1.8:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.1.9:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.1.9:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.5.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.6.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.6.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.9.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.9.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.10.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.10.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.10.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.10.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.11.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.11.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.11.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.11.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.11.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.11.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.11.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.11.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.11.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.11.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.11.5:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:1.11.5:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.4.3:rc1:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:2.4.3:rc1:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:osgeo:gdal:3.0.1:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:

CWE

CWE-190

CAPEC

Forced Integer Overflow
This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

redhat via4

advisories

bugzilla

id	1765705
title	CVE-2019-17546 libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

AND
comment libtiff is earlier than 0:4.0.3-35.el7
oval oval:com.redhat.rhsa:tst:20203902001
comment libtiff is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110318007
AND
comment libtiff-devel is earlier than 0:4.0.3-35.el7
oval oval:com.redhat.rhsa:tst:20203902003
comment libtiff-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110318009

AND

comment libtiff-static is earlier than 0:4.0.3-35.el7
oval oval:com.redhat.rhsa:tst:20203902005
comment libtiff-static is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110318011

AND
comment libtiff-tools is earlier than 0:4.0.3-35.el7
oval oval:com.redhat.rhsa:tst:20203902007
comment libtiff-tools is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20161546008

rhsa

id	RHSA-2020:3902
released	2020-09-29
severity	Moderate
title	RHSA-2020:3902: libtiff security update (Moderate)

bugzilla

id	1765705
title	CVE-2019-17546 libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 8 is installed
oval oval:com.redhat.rhba:tst:20193384074

AND
comment libtiff is earlier than 0:4.0.9-18.el8
oval oval:com.redhat.rhsa:tst:20204634001
comment libtiff is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110318007

AND

comment libtiff-debugsource is earlier than 0:4.0.9-18.el8
oval oval:com.redhat.rhsa:tst:20204634003
comment libtiff-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193419004

AND
comment libtiff-devel is earlier than 0:4.0.9-18.el8
oval oval:com.redhat.rhsa:tst:20204634005
comment libtiff-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110318009
AND
comment libtiff-tools is earlier than 0:4.0.9-18.el8
oval oval:com.redhat.rhsa:tst:20204634007
comment libtiff-tools is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20161546008

rhsa

id	RHSA-2020:4634
released	2020-11-04
severity	Moderate
title	RHSA-2020:4634: libtiff security update (Moderate)

rpms

libtiff-0:4.0.3-35.el7
libtiff-debuginfo-0:4.0.3-35.el7
libtiff-devel-0:4.0.3-35.el7
libtiff-static-0:4.0.3-35.el7
libtiff-tools-0:4.0.3-35.el7
libtiff-0:4.0.9-18.el8
libtiff-debuginfo-0:4.0.9-18.el8
libtiff-debugsource-0:4.0.9-18.el8
libtiff-devel-0:4.0.9-18.el8
libtiff-tools-0:4.0.9-18.el8
libtiff-tools-debuginfo-0:4.0.9-18.el8

refmap via4

bugtraq	20200121 [SECURITY] [DSA 4608-1] tiff security update
debian	DSA-4608 DSA-4670
fedora	FEDORA-2020-2e9bd06377 FEDORA-2020-6f1209bb45
gentoo	GLSA-202003-25
misc	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443 https://github.com/OSGeo/gdal/commit/21674033ee246f698887604c7af7ba1962a40ddf https://gitlab.com/libtiff/libtiff/commit/4bb584a35f87af42d6cf09d15e9ce8909a839145
mlist	[debian-lts-announce] 20191126 [SECURITY] [DLA 2009-1] tiff security update [debian-lts-announce] 20200318 [SECURITY] [DLA 2147-1] gdal security update

Last major update

24-08-2020 - 17:37

Published

14-10-2019 - 02:15

Last modified

24-08-2020 - 17:37