Out-of-Bounds Write Vulnerability in LibTIFF's rgb2ycbcr Tool

Out-of-Bounds Write Vulnerability in LibTIFF's rgb2ycbcr Tool

CVE-2016-3624 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1.

Learn more about our Web Application Penetration Testing UK.