Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-5315 (GCVE-0-2016-5315)
Vulnerability from cvelistv5
Published
2017-03-07 15:00
Modified
2024-08-06 01:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:01:00.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91204",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91204"
},
{
"name": "[oss-security] 20160615 CVE-2016-5315: libtiff 4.0.6 tif_dir.c: setByteArray() Read access violation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"name": "GLSA-201701-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"name": "DSA-3762",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-07T12:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "91204",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91204"
},
{
"name": "[oss-security] 20160615 CVE-2016-5315: libtiff 4.0.6 tif_dir.c: setByteArray() Read access violation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"name": "GLSA-201701-16",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"name": "DSA-3762",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3762"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91204",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91204"
},
{
"name": "[oss-security] 20160615 CVE-2016-5315: libtiff 4.0.6 tif_dir.c: setByteArray() Read access violation",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"name": "GLSA-201701-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"name": "DSA-3762",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3762"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5315",
"datePublished": "2017-03-07T15:00:00",
"dateReserved": "2016-06-06T00:00:00",
"dateUpdated": "2024-08-06T01:01:00.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-5315\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-03-07T15:59:00.283\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n setByteArray en tif_dir.c en libtiff 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites) a trav\u00e9s de una imagen tiff manipulada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.0.6\",\"matchCriteriaId\":\"7DBB051D-E94D-4553-88A6-750BE80B7617\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2017/dsa-3762\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/06/15/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/91204\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1346694\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.gentoo.org/glsa/201701-16\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.debian.org/security/2017/dsa-3762\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/06/15/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/91204\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1346694\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.gentoo.org/glsa/201701-16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
}
}
ghsa-7vx7-8m24-fqv4
Vulnerability from github
Published
2022-05-17 02:56
Modified
2022-05-17 02:56
Severity ?
VLAI Severity ?
Details
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
{
"affected": [],
"aliases": [
"CVE-2016-5315"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-03-07T15:59:00Z",
"severity": "MODERATE"
},
"details": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.",
"id": "GHSA-7vx7-8m24-fqv4",
"modified": "2022-05-17T02:56:21Z",
"published": "2022-05-17T02:56:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5315"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3762"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/91204"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
gsd-2016-5315
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-5315",
"description": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.",
"id": "GSD-2016-5315",
"references": [
"https://www.suse.com/security/cve/CVE-2016-5315.html",
"https://www.debian.org/security/2017/dsa-3762",
"https://ubuntu.com/security/CVE-2016-5315",
"https://advisories.mageia.org/CVE-2016-5315.html",
"https://security.archlinux.org/CVE-2016-5315"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-5315"
],
"details": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.",
"id": "GSD-2016-5315",
"modified": "2023-12-13T01:21:25.294535Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91204",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91204"
},
{
"name": "[oss-security] 20160615 CVE-2016-5315: libtiff 4.0.6 tif_dir.c: setByteArray() Read access violation",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"name": "GLSA-201701-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"name": "DSA-3762",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3762"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.6",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5315"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201701-16",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"name": "91204",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91204"
},
{
"name": "[oss-security] 20160615 CVE-2016-5315: libtiff 4.0.6 tif_dir.c: setByteArray() Read access violation",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"name": "DSA-3762",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3762"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2017-03-08T16:52Z",
"publishedDate": "2017-03-07T15:59Z"
}
}
}
wid-sec-w-2023-2409
Vulnerability from csaf_certbund
Published
2016-06-14 22:00
Modified
2023-10-08 22:00
Summary
libTIFF: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
libTIFF ist ein Softwarepaket für die Verarbeitung von Bilddateien in Tag Image File Format (TIFF).
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in libTIFF ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuführen oder um einen Denial of Service Zustand hervorzurufen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "libTIFF ist ein Softwarepaket f\u00fcr die Verarbeitung von Bilddateien in Tag Image File Format (TIFF).",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in libTIFF ausnutzen, um beliebigen Programmcode mit den Rechten des Dienstes auszuf\u00fchren oder um einen Denial of Service Zustand hervorzurufen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2409 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2023-2409.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2409 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2409"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1855 vom 2023-10-06",
"url": "https://alas.aws.amazon.com/ALAS-2023-1855.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-2263 vom 2023-09-21",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2263.html"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/1"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/3"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/5"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/6"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/7"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/8"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2016-06-14",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/9"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2016:1546 vom 2016-08-03",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1546.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2016:1547 vom 2016-08-03",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1547.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:2271-1 vom 2016-09-10",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162271-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:2527-1 vom 2016-10-13",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162527-1.html"
},
{
"category": "external",
"summary": "F5 Security Advisory SOL89096577 vom 2016-11-08",
"url": "https://support.f5.com/kb/en-us/solutions/public/k/89/sol89096577.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2016:3301-1 vom 2016-12-30",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20163301-1.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-3762 vom 2017-01-14",
"url": "https://www.debian.org/security/2017/dsa-3762"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3212-1 vom 2017-02-27",
"url": "http://www.ubuntu.com/usn/usn-3212-1/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3212-2 vom 2017-05-30",
"url": "http://www.ubuntu.com/usn/usn-3212-2/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3212-3 vom 2017-07-19",
"url": "http://www.ubuntu.com/usn/usn-3212-3/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3212-4 vom 2017-08-07",
"url": "http://www.ubuntu.com/usn/usn-3212-4/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1472-1 vom 2018-05-31",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181472-1.html"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA11023 vom 2020-07-08",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11023"
}
],
"source_lang": "en-US",
"title": "libTIFF: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-10-08T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:58:41.982+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2409",
"initial_release_date": "2016-06-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2016-06-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2016-06-14T22:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-06-14T22:00:00.000+00:00",
"number": "3",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-08-02T22:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2016-08-02T22:00:00.000+00:00",
"number": "5",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-08-02T22:00:00.000+00:00",
"number": "6",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-08-02T22:00:00.000+00:00",
"number": "7",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-09-11T22:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2016-10-13T22:00:00.000+00:00",
"number": "9",
"summary": "New remediations available"
},
{
"date": "2016-11-08T23:00:00.000+00:00",
"number": "10",
"summary": "New remediations available"
},
{
"date": "2016-11-08T23:00:00.000+00:00",
"number": "11",
"summary": "Version nicht vorhanden"
},
{
"date": "2016-12-29T23:00:00.000+00:00",
"number": "12",
"summary": "New remediations available"
},
{
"date": "2017-01-15T23:00:00.000+00:00",
"number": "13",
"summary": "New remediations available"
},
{
"date": "2017-02-27T23:00:00.000+00:00",
"number": "14",
"summary": "New remediations available"
},
{
"date": "2017-05-30T22:00:00.000+00:00",
"number": "15",
"summary": "New remediations available"
},
{
"date": "2017-07-19T22:00:00.000+00:00",
"number": "16",
"summary": "New remediations available"
},
{
"date": "2017-08-07T22:00:00.000+00:00",
"number": "17",
"summary": "New remediations available"
},
{
"date": "2018-05-31T22:00:00.000+00:00",
"number": "18",
"summary": "New remediations available"
},
{
"date": "2020-07-08T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2023-09-20T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-08T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Amazon aufgenommen"
}
],
"status": "final",
"version": "21"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 WebAccelerator",
"product": {
"name": "F5 WebAccelerator",
"product_id": "T001723",
"product_identification_helper": {
"cpe": "cpe:/h:f5:big-ip_webaccelerator:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper Junos Space \u003c 20.1R1",
"product": {
"name": "Juniper Junos Space \u003c 20.1R1",
"product_id": "T016874",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:20.1r1"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"category": "product_name",
"name": "Open Source libTIFF \u003c= 4.0.6",
"product": {
"name": "Open Source libTIFF \u003c= 4.0.6",
"product_id": "T006693",
"product_identification_helper": {
"cpe": "cpe:/a:libtiff:libtiff:4.0.6"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-5314",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5314"
},
{
"cve": "CVE-2016-5315",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5315"
},
{
"cve": "CVE-2016-5316",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5316"
},
{
"cve": "CVE-2016-5317",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5317"
},
{
"cve": "CVE-2016-5320",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5320"
},
{
"cve": "CVE-2016-5321",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5321"
},
{
"cve": "CVE-2016-5322",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5322"
},
{
"cve": "CVE-2016-5323",
"notes": [
{
"category": "description",
"text": "In libTIFF existieren mehrere Schwachstellen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand hervorzurufen oder um m\u00f6glicherweise beliebigen Code mit den Privilegien der libTIFF-nutzenden Applikation auszuf\u00fchren. Bei den Schwachstellen handelt es sich um out-of-bound Lesefehlern, ung\u00fcltigen Lesezugriffen und divide-by-zero-Fehlern."
}
],
"product_status": {
"known_affected": [
"2951",
"T001723",
"T002207",
"67646",
"T000126",
"398363",
"1727"
],
"last_affected": [
"T006693"
]
},
"release_date": "2016-06-14T22:00:00.000+00:00",
"title": "CVE-2016-5323"
}
]
}
fkie_cve-2016-5315
Vulnerability from fkie_nvd
Published
2017-03-07 15:59
Modified
2025-04-20 01:37
Severity ?
Summary
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.debian.org/security/2017/dsa-3762 | Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/06/15/2 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/91204 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1346694 | Issue Tracking, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://security.gentoo.org/glsa/201701-16 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3762 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/06/15/2 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/91204 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1346694 | Issue Tracking, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201701-16 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libtiff | libtiff | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DBB051D-E94D-4553-88A6-750BE80B7617",
"versionEndIncluding": "4.0.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image."
},
{
"lang": "es",
"value": "La funci\u00f3n setByteArray en tif_dir.c en libtiff 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites) a trav\u00e9s de una imagen tiff manipulada."
}
],
"id": "CVE-2016-5315",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-07T15:59:00.283",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3762"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91204"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://security.gentoo.org/glsa/201701-16"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
suse-su-2018:1472-1
Vulnerability from csaf_suse
Published
2018-05-30 07:08
Modified
2018-05-30 07:08
Summary
Security update for tiff
Notes
Title of the patch
Security update for tiff
Description of the patch
This update for tiff fixes the following issues:
Security issues fixed:
- CVE-2016-5315: The setByteArray function in tif_dir.c allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. (bsc#984809)
- CVE-2016-10267: LibTIFF allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. (bsc#1017694)
- CVE-2016-10269: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 512' and libtiff/tif_unix.c:340:2. (bsc#1031254)
- CVE-2016-10270: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to 'READ of size 8' and libtiff/tif_read.c:523:22. (bsc#1031250)
- CVE-2017-18013: In LibTIFF, there was a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. (bsc#1074317)
- CVE-2017-7593: tif_read.c did not ensure that tif_rawdata is properly initialized, which might have allowed remote attackers to obtain sensitive information from process memory via a crafted image. (bsc#1033129)
- CVE-2017-7595: The JPEGSetupEncode function in tiff_jpeg.c allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. (bsc#1033127)
- CVE-2017-7596: LibTIFF had an 'outside the range of representable values of type float' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033126)
- CVE-2017-7597: tif_dirread.c had an 'outside the range of representable values of type float' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033120)
- CVE-2017-7599: LibTIFF had an 'outside the range of representable values of type short' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033113)
- CVE-2017-7600: LibTIFF had an 'outside the range of representable values of type unsigned char' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033112)
- CVE-2017-7601: LibTIFF had a 'shift exponent too large for 64-bit type long' undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033111)
- CVE-2017-7602: LibTIFF had a signed integer overflow, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033109)
- Multiple divide by zero issues
- CVE-2016-5314: Buffer overflow in the PixarLogDecode function in tif_pixarlog.c allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. (bsc#987351 bsc#984808 bsc#984831)
Patchnames
sdksp4-tiff-13631,slessp4-tiff-13631
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for tiff",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for tiff fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2016-5315: The setByteArray function in tif_dir.c allowed remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. (bsc#984809)\n- CVE-2016-10267: LibTIFF allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. (bsc#1017694)\n- CVE-2016-10269: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \u0027READ of size 512\u0027 and libtiff/tif_unix.c:340:2. (bsc#1031254)\n- CVE-2016-10270: LibTIFF allowed remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \u0027READ of size 8\u0027 and libtiff/tif_read.c:523:22. (bsc#1031250)\n- CVE-2017-18013: In LibTIFF, there was a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. (bsc#1074317)\n- CVE-2017-7593: tif_read.c did not ensure that tif_rawdata is properly initialized, which might have allowed remote attackers to obtain sensitive information from process memory via a crafted image. (bsc#1033129)\n- CVE-2017-7595: The JPEGSetupEncode function in tiff_jpeg.c allowed remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. (bsc#1033127)\n- CVE-2017-7596: LibTIFF had an \u0027outside the range of representable values of type float\u0027 undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033126)\n- CVE-2017-7597: tif_dirread.c had an \u0027outside the range of representable values of type float\u0027 undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033120)\n- CVE-2017-7599: LibTIFF had an \u0027outside the range of representable values of type short\u0027 undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033113)\n- CVE-2017-7600: LibTIFF had an \u0027outside the range of representable values of type unsigned char\u0027 undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033112)\n- CVE-2017-7601: LibTIFF had a \u0027shift exponent too large for 64-bit type long\u0027 undefined behavior issue, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033111)\n- CVE-2017-7602: LibTIFF had a signed integer overflow, which might have allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. (bsc#1033109)\n- Multiple divide by zero issues\n- CVE-2016-5314: Buffer overflow in the PixarLogDecode function in tif_pixarlog.c allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. (bsc#987351 bsc#984808 bsc#984831)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-tiff-13631,slessp4-tiff-13631",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1472-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1472-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181472-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1472-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/004101.html"
},
{
"category": "self",
"summary": "SUSE Bug 1017694",
"url": "https://bugzilla.suse.com/1017694"
},
{
"category": "self",
"summary": "SUSE Bug 1031250",
"url": "https://bugzilla.suse.com/1031250"
},
{
"category": "self",
"summary": "SUSE Bug 1031254",
"url": "https://bugzilla.suse.com/1031254"
},
{
"category": "self",
"summary": "SUSE Bug 1033109",
"url": "https://bugzilla.suse.com/1033109"
},
{
"category": "self",
"summary": "SUSE Bug 1033111",
"url": "https://bugzilla.suse.com/1033111"
},
{
"category": "self",
"summary": "SUSE Bug 1033112",
"url": "https://bugzilla.suse.com/1033112"
},
{
"category": "self",
"summary": "SUSE Bug 1033113",
"url": "https://bugzilla.suse.com/1033113"
},
{
"category": "self",
"summary": "SUSE Bug 1033120",
"url": "https://bugzilla.suse.com/1033120"
},
{
"category": "self",
"summary": "SUSE Bug 1033126",
"url": "https://bugzilla.suse.com/1033126"
},
{
"category": "self",
"summary": "SUSE Bug 1033127",
"url": "https://bugzilla.suse.com/1033127"
},
{
"category": "self",
"summary": "SUSE Bug 1033129",
"url": "https://bugzilla.suse.com/1033129"
},
{
"category": "self",
"summary": "SUSE Bug 1074317",
"url": "https://bugzilla.suse.com/1074317"
},
{
"category": "self",
"summary": "SUSE Bug 984808",
"url": "https://bugzilla.suse.com/984808"
},
{
"category": "self",
"summary": "SUSE Bug 984809",
"url": "https://bugzilla.suse.com/984809"
},
{
"category": "self",
"summary": "SUSE Bug 984831",
"url": "https://bugzilla.suse.com/984831"
},
{
"category": "self",
"summary": "SUSE Bug 987351",
"url": "https://bugzilla.suse.com/987351"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10267 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10267/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10269 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10269/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10270 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5314 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5314/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5315 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5315/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18013 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7593 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7595 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7596 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7597 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7599 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7599/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7600 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7601 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7602 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7602/"
}
],
"title": "Security update for tiff",
"tracking": {
"current_release_date": "2018-05-30T07:08:57Z",
"generator": {
"date": "2018-05-30T07:08:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1472-1",
"initial_release_date": "2018-05-30T07:08:57Z",
"revision_history": [
{
"date": "2018-05-30T07:08:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-3.8.2-141.169.6.1.i586",
"product": {
"name": "libtiff-devel-3.8.2-141.169.6.1.i586",
"product_id": "libtiff-devel-3.8.2-141.169.6.1.i586"
}
},
{
"category": "product_version",
"name": "libtiff3-3.8.2-141.169.6.1.i586",
"product": {
"name": "libtiff3-3.8.2-141.169.6.1.i586",
"product_id": "libtiff3-3.8.2-141.169.6.1.i586"
}
},
{
"category": "product_version",
"name": "tiff-3.8.2-141.169.6.1.i586",
"product": {
"name": "tiff-3.8.2-141.169.6.1.i586",
"product_id": "tiff-3.8.2-141.169.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-3.8.2-141.169.6.1.ia64",
"product": {
"name": "libtiff-devel-3.8.2-141.169.6.1.ia64",
"product_id": "libtiff-devel-3.8.2-141.169.6.1.ia64"
}
},
{
"category": "product_version",
"name": "libtiff3-3.8.2-141.169.6.1.ia64",
"product": {
"name": "libtiff3-3.8.2-141.169.6.1.ia64",
"product_id": "libtiff3-3.8.2-141.169.6.1.ia64"
}
},
{
"category": "product_version",
"name": "libtiff3-x86-3.8.2-141.169.6.1.ia64",
"product": {
"name": "libtiff3-x86-3.8.2-141.169.6.1.ia64",
"product_id": "libtiff3-x86-3.8.2-141.169.6.1.ia64"
}
},
{
"category": "product_version",
"name": "tiff-3.8.2-141.169.6.1.ia64",
"product": {
"name": "tiff-3.8.2-141.169.6.1.ia64",
"product_id": "tiff-3.8.2-141.169.6.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-3.8.2-141.169.6.1.ppc64",
"product": {
"name": "libtiff-devel-3.8.2-141.169.6.1.ppc64",
"product_id": "libtiff-devel-3.8.2-141.169.6.1.ppc64"
}
},
{
"category": "product_version",
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"product": {
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"product_id": "libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64"
}
},
{
"category": "product_version",
"name": "libtiff3-3.8.2-141.169.6.1.ppc64",
"product": {
"name": "libtiff3-3.8.2-141.169.6.1.ppc64",
"product_id": "libtiff3-3.8.2-141.169.6.1.ppc64"
}
},
{
"category": "product_version",
"name": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"product": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"product_id": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64"
}
},
{
"category": "product_version",
"name": "tiff-3.8.2-141.169.6.1.ppc64",
"product": {
"name": "tiff-3.8.2-141.169.6.1.ppc64",
"product_id": "tiff-3.8.2-141.169.6.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-3.8.2-141.169.6.1.s390x",
"product": {
"name": "libtiff-devel-3.8.2-141.169.6.1.s390x",
"product_id": "libtiff-devel-3.8.2-141.169.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"product": {
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"product_id": "libtiff-devel-32bit-3.8.2-141.169.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libtiff3-3.8.2-141.169.6.1.s390x",
"product": {
"name": "libtiff3-3.8.2-141.169.6.1.s390x",
"product_id": "libtiff3-3.8.2-141.169.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"product": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"product_id": "libtiff3-32bit-3.8.2-141.169.6.1.s390x"
}
},
{
"category": "product_version",
"name": "tiff-3.8.2-141.169.6.1.s390x",
"product": {
"name": "tiff-3.8.2-141.169.6.1.s390x",
"product_id": "tiff-3.8.2-141.169.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libtiff-devel-3.8.2-141.169.6.1.x86_64",
"product": {
"name": "libtiff-devel-3.8.2-141.169.6.1.x86_64",
"product_id": "libtiff-devel-3.8.2-141.169.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64",
"product": {
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64",
"product_id": "libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libtiff3-3.8.2-141.169.6.1.x86_64",
"product": {
"name": "libtiff3-3.8.2-141.169.6.1.x86_64",
"product_id": "libtiff3-3.8.2-141.169.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"product": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"product_id": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "tiff-3.8.2-141.169.6.1.x86_64",
"product": {
"name": "tiff-3.8.2-141.169.6.1.x86_64",
"product_id": "tiff-3.8.2-141.169.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-3.8.2-141.169.6.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586"
},
"product_reference": "libtiff-devel-3.8.2-141.169.6.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64"
},
"product_reference": "libtiff-devel-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "libtiff-devel-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x"
},
"product_reference": "libtiff-devel-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "libtiff-devel-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x"
},
"product_reference": "libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x"
},
"product_reference": "libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-x86-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64"
},
"product_reference": "libtiff3-x86-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586"
},
"product_reference": "tiff-3.8.2-141.169.6.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64"
},
"product_reference": "tiff-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "tiff-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x"
},
"product_reference": "tiff-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "tiff-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "libtiff3-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x"
},
"product_reference": "libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libtiff3-x86-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64"
},
"product_reference": "libtiff3-x86-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586"
},
"product_reference": "tiff-3.8.2-141.169.6.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64"
},
"product_reference": "tiff-3.8.2-141.169.6.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64"
},
"product_reference": "tiff-3.8.2-141.169.6.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x"
},
"product_reference": "tiff-3.8.2-141.169.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tiff-3.8.2-141.169.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64"
},
"product_reference": "tiff-3.8.2-141.169.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10267",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10267"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10267",
"url": "https://www.suse.com/security/cve/CVE-2016-10267"
},
{
"category": "external",
"summary": "SUSE Bug 1017694 for CVE-2016-10267",
"url": "https://bugzilla.suse.com/1017694"
},
{
"category": "external",
"summary": "SUSE Bug 1031262 for CVE-2016-10267",
"url": "https://bugzilla.suse.com/1031262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2016-10267"
},
{
"cve": "CVE-2016-10269",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10269"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 512\" and libtiff/tif_unix.c:340:2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10269",
"url": "https://www.suse.com/security/cve/CVE-2016-10269"
},
{
"category": "external",
"summary": "SUSE Bug 1017693 for CVE-2016-10269",
"url": "https://bugzilla.suse.com/1017693"
},
{
"category": "external",
"summary": "SUSE Bug 1031254 for CVE-2016-10269",
"url": "https://bugzilla.suse.com/1031254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2016-10269"
},
{
"cve": "CVE-2016-10270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10270"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 8\" and libtiff/tif_read.c:523:22.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10270",
"url": "https://www.suse.com/security/cve/CVE-2016-10270"
},
{
"category": "external",
"summary": "SUSE Bug 1031250 for CVE-2016-10270",
"url": "https://bugzilla.suse.com/1031250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2016-10270"
},
{
"cve": "CVE-2016-5314",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5314"
}
],
"notes": [
{
"category": "general",
"text": "Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5314",
"url": "https://www.suse.com/security/cve/CVE-2016-5314"
},
{
"category": "external",
"summary": "SUSE Bug 984831 for CVE-2016-5314",
"url": "https://bugzilla.suse.com/984831"
},
{
"category": "external",
"summary": "SUSE Bug 987351 for CVE-2016-5314",
"url": "https://bugzilla.suse.com/987351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2016-5314"
},
{
"cve": "CVE-2016-5315",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5315"
}
],
"notes": [
{
"category": "general",
"text": "The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5315",
"url": "https://www.suse.com/security/cve/CVE-2016-5315"
},
{
"category": "external",
"summary": "SUSE Bug 984809 for CVE-2016-5315",
"url": "https://bugzilla.suse.com/984809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2016-5315"
},
{
"cve": "CVE-2017-18013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18013"
}
],
"notes": [
{
"category": "general",
"text": "In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18013",
"url": "https://www.suse.com/security/cve/CVE-2017-18013"
},
{
"category": "external",
"summary": "SUSE Bug 1074317 for CVE-2017-18013",
"url": "https://bugzilla.suse.com/1074317"
},
{
"category": "external",
"summary": "SUSE Bug 1082825 for CVE-2017-18013",
"url": "https://bugzilla.suse.com/1082825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "important"
}
],
"title": "CVE-2017-18013"
},
{
"cve": "CVE-2017-7593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7593"
}
],
"notes": [
{
"category": "general",
"text": "tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7593",
"url": "https://www.suse.com/security/cve/CVE-2017-7593"
},
{
"category": "external",
"summary": "SUSE Bug 1033129 for CVE-2017-7593",
"url": "https://bugzilla.suse.com/1033129"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2017-7593"
},
{
"cve": "CVE-2017-7595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7595"
}
],
"notes": [
{
"category": "general",
"text": "The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7595",
"url": "https://www.suse.com/security/cve/CVE-2017-7595"
},
{
"category": "external",
"summary": "SUSE Bug 1033111 for CVE-2017-7595",
"url": "https://bugzilla.suse.com/1033111"
},
{
"category": "external",
"summary": "SUSE Bug 1033127 for CVE-2017-7595",
"url": "https://bugzilla.suse.com/1033127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2017-7595"
},
{
"cve": "CVE-2017-7596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7596"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has an \"outside the range of representable values of type float\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7596",
"url": "https://www.suse.com/security/cve/CVE-2017-7596"
},
{
"category": "external",
"summary": "SUSE Bug 1033112 for CVE-2017-7596",
"url": "https://bugzilla.suse.com/1033112"
},
{
"category": "external",
"summary": "SUSE Bug 1033113 for CVE-2017-7596",
"url": "https://bugzilla.suse.com/1033113"
},
{
"category": "external",
"summary": "SUSE Bug 1033120 for CVE-2017-7596",
"url": "https://bugzilla.suse.com/1033120"
},
{
"category": "external",
"summary": "SUSE Bug 1033126 for CVE-2017-7596",
"url": "https://bugzilla.suse.com/1033126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "important"
}
],
"title": "CVE-2017-7596"
},
{
"cve": "CVE-2017-7597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7597"
}
],
"notes": [
{
"category": "general",
"text": "tif_dirread.c in LibTIFF 4.0.7 has an \"outside the range of representable values of type float\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7597",
"url": "https://www.suse.com/security/cve/CVE-2017-7597"
},
{
"category": "external",
"summary": "SUSE Bug 1033112 for CVE-2017-7597",
"url": "https://bugzilla.suse.com/1033112"
},
{
"category": "external",
"summary": "SUSE Bug 1033113 for CVE-2017-7597",
"url": "https://bugzilla.suse.com/1033113"
},
{
"category": "external",
"summary": "SUSE Bug 1033120 for CVE-2017-7597",
"url": "https://bugzilla.suse.com/1033120"
},
{
"category": "external",
"summary": "SUSE Bug 1033126 for CVE-2017-7597",
"url": "https://bugzilla.suse.com/1033126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2017-7597"
},
{
"cve": "CVE-2017-7599",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7599"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has an \"outside the range of representable values of type short\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7599",
"url": "https://www.suse.com/security/cve/CVE-2017-7599"
},
{
"category": "external",
"summary": "SUSE Bug 1033112 for CVE-2017-7599",
"url": "https://bugzilla.suse.com/1033112"
},
{
"category": "external",
"summary": "SUSE Bug 1033113 for CVE-2017-7599",
"url": "https://bugzilla.suse.com/1033113"
},
{
"category": "external",
"summary": "SUSE Bug 1033120 for CVE-2017-7599",
"url": "https://bugzilla.suse.com/1033120"
},
{
"category": "external",
"summary": "SUSE Bug 1033126 for CVE-2017-7599",
"url": "https://bugzilla.suse.com/1033126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2017-7599"
},
{
"cve": "CVE-2017-7600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7600"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has an \"outside the range of representable values of type unsigned char\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7600",
"url": "https://www.suse.com/security/cve/CVE-2017-7600"
},
{
"category": "external",
"summary": "SUSE Bug 1033112 for CVE-2017-7600",
"url": "https://bugzilla.suse.com/1033112"
},
{
"category": "external",
"summary": "SUSE Bug 1033113 for CVE-2017-7600",
"url": "https://bugzilla.suse.com/1033113"
},
{
"category": "external",
"summary": "SUSE Bug 1033120 for CVE-2017-7600",
"url": "https://bugzilla.suse.com/1033120"
},
{
"category": "external",
"summary": "SUSE Bug 1033126 for CVE-2017-7600",
"url": "https://bugzilla.suse.com/1033126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "low"
}
],
"title": "CVE-2017-7600"
},
{
"cve": "CVE-2017-7601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7601"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has a \"shift exponent too large for 64-bit type long\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7601",
"url": "https://www.suse.com/security/cve/CVE-2017-7601"
},
{
"category": "external",
"summary": "SUSE Bug 1033111 for CVE-2017-7601",
"url": "https://bugzilla.suse.com/1033111"
},
{
"category": "external",
"summary": "SUSE Bug 1033127 for CVE-2017-7601",
"url": "https://bugzilla.suse.com/1033127"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "low"
}
],
"title": "CVE-2017-7601"
},
{
"cve": "CVE-2017-7602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7602"
}
],
"notes": [
{
"category": "general",
"text": "LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7602",
"url": "https://www.suse.com/security/cve/CVE-2017-7602"
},
{
"category": "external",
"summary": "SUSE Bug 1033109 for CVE-2017-7602",
"url": "https://bugzilla.suse.com/1033109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.6.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-30T07:08:57Z",
"details": "moderate"
}
],
"title": "CVE-2017-7602"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…