Executive Summary

Informations
NameCVE-2018-7456First vendor Publication2018-02-24
VendorCveLast vendor Modification2019-04-22

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.)

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456

CWE : Common Weakness Enumeration

%idName
100 %CWE-476NULL Pointer Dereference

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Os4
Os3

Nessus® Vulnerability Scanner

DateDescription
2019-01-03Name : The remote Fedora host is missing a security update.
File : fedora_2018-c7a234c440.nasl - Type : ACT_GATHER_INFO
2018-12-01Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4349.nasl - Type : ACT_GATHER_INFO
2018-11-13Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2018-316-01.nasl - Type : ACT_GATHER_INFO
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0048.nasl - Type : ACT_GATHER_INFO
2018-07-03Name : The remote Debian host is missing a security update.
File : debian_DLA-1411.nasl - Type : ACT_GATHER_INFO
2018-04-24Name : The remote Fedora host is missing a security update.
File : fedora_2018-335aec0507.nasl - Type : ACT_GATHER_INFO
2018-04-16Name : The remote Debian host is missing a security update.
File : debian_DLA-1346.nasl - Type : ACT_GATHER_INFO
2018-04-16Name : The remote Debian host is missing a security update.
File : debian_DLA-1347.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
CONFIRM https://gitlab.com/libtiff/libtiff/commit/be4c85b16e8801a16eec25e80eb9f3dd6a9...
DEBIAN https://www.debian.org/security/2018/dsa-4349
MISC http://bugzilla.maptools.org/show_bug.cgi?id=2778
https://github.com/xiaoqx/pocs/tree/master/libtiff
MLIST https://lists.debian.org/debian-lts-announce/2018/04/msg00010.html
https://lists.debian.org/debian-lts-announce/2018/04/msg00011.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html
UBUNTU https://usn.ubuntu.com/3864-1/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
DateInformations
2019-04-22 21:19:17
  • Multiple Updates
2019-04-19 21:19:27
  • Multiple Updates
2019-03-07 17:19:31
  • Multiple Updates
2019-01-23 17:19:25
  • Multiple Updates
2018-12-01 17:19:02
  • Multiple Updates
2018-07-04 09:19:48
  • Multiple Updates
2018-04-17 09:19:23
  • Multiple Updates
2018-03-17 09:19:27
  • Multiple Updates
2018-02-24 12:05:43
  • First insertion