CVE-2018-12900: Buffer Overflow
First published: Tue Jun 26 2018(Updated: )
Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/tiff | <=4.0.9-1<=4.0.8-2 | 4.0.8-2+deb9u5 4.0.10-4 |
| Libtiff Libtiff | =4.0.9 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =18.04 | |
| Canonical Ubuntu Linux | =18.10 | |
| debian/tiff | 4.2.0-1+deb11u5 4.5.0-6+deb12u2 4.5.0-6+deb12u1 4.5.1+git230720-5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://bugzilla.maptools.org/show_bug.cgi?id=2798
- https://security-tracker.debian.org/tracker/CVE-2018-12900
- https://security-tracker.debian.org/tracker/CVE-2018-17000
- https://security-tracker.debian.org/tracker/CVE-2018-19210
- https://security-tracker.debian.org/tracker/CVE-2019-6128
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902718
- https://access.redhat.com/errata/RHSA-2019:2053
- https://access.redhat.com/errata/RHSA-2019:3419
- https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-12900
- https://lists.debian.org/debian-lts-announce/2019/11/msg00027.html
- https://usn.ubuntu.com/3906-1/
- https://usn.ubuntu.com/3906-2/
- https://www.debian.org/security/2020/dsa-4670
- https://launchpad.net/bugs/cve/CVE-2018-12900
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1595576
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1595578
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1595577
- https://access.redhat.com/security/cve/cve-2018-12900
- https://bugzilla.redhat.com/show_bug.cgi?id=1595575
- https://gitlab.com/libtiff/libtiff/merge_requests/60
- https://gitlab.com/libtiff/libtiff/commit/27124e9148b2056d0e0bf4033b4924d5d2a38d01
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12900
- https://nvd.nist.gov/vuln/detail/CVE-2018-12900
- https://ubuntu.com/security/CVE-2018-12900
- collector/debian-bugs
- alias/CVE-2018-12900
- collector/nvd-index
- agent/type
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- agent/author
- agent/remedy
- agent/severity
- agent/weakness
- collector/mitre-cve
- source/MITRE
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/tags
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/event
- collector/nvd-cve
- source/NVD
- agent/last-modified-date
- agent/trending
- package-manager/debian
- vendor/libtiff
- canonical/libtiff libtiff
- version/libtiff libtiff/4.0.9
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/16.04
- version/canonical ubuntu linux/18.04
- version/canonical ubuntu linux/18.10