ID

VAR-201604-0195


CVE

CVE-2015-8784


TITLE

LibTIFF of tif_next.c of NeXTDecode Service disruption in functions (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-007063

DESCRIPTION

The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif. LibTIFF is prone to a memory-corruption vulnerability. An attacker could exploit this issue to execute arbitrary code in the affected system. Failed exploit attempts may result in denial-of-service conditions. ============================================================================ Ubuntu Security Notice USN-2939-1 March 23, 2016 tiff vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 15.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: LibTIFF could be made to crash or run programs as your login if it opened a specially crafted file. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 15.10: libtiff5 4.0.3-12.3ubuntu2.1 Ubuntu 14.04 LTS: libtiff5 4.0.3-7ubuntu0.4 Ubuntu 12.04 LTS: libtiff4 3.9.5-2ubuntu1.9 In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: libtiff security update Advisory ID: RHSA-2016:1546-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1546.html Issue date: 2016-08-02 CVE Names: CVE-2014-8127 CVE-2014-8129 CVE-2014-8130 CVE-2014-9330 CVE-2014-9655 CVE-2015-1547 CVE-2015-7554 CVE-2015-8665 CVE-2015-8668 CVE-2015-8683 CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-8784 CVE-2016-3632 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5320 ===================================================================== 1. Summary: An update for libtiff is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. (CVE-2014-9655, CVE-2015-1547, CVE-2015-8784, CVE-2015-8683, CVE-2015-8665, CVE-2015-8781, CVE-2015-8782, CVE-2015-8783, CVE-2016-3990, CVE-2016-5320) * Multiple flaws have been discovered in various libtiff tools (bmp2tiff, pal2rgb, thumbnail, tiff2bw, tiff2pdf, tiffcrop, tiffdither, tiffsplit, tiff2rgba). By tricking a user into processing a specially crafted file, a remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code with the privileges of the user running the libtiff tool. (CVE-2014-8127, CVE-2014-8129, CVE-2014-8130, CVE-2014-9330, CVE-2015-7554, CVE-2015-8668, CVE-2016-3632, CVE-2016-3945, CVE-2016-3991) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running applications linked against libtiff must be restarted for this update to take effect. 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: libtiff-4.0.3-25.el7_2.src.rpm x86_64: libtiff-4.0.3-25.el7_2.i686.rpm libtiff-4.0.3-25.el7_2.x86_64.rpm libtiff-debuginfo-4.0.3-25.el7_2.i686.rpm libtiff-debuginfo-4.0.3-25.el7_2.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libtiff-debuginfo-4.0.3-25.el7_2.i686.rpm libtiff-debuginfo-4.0.3-25.el7_2.x86_64.rpm libtiff-devel-4.0.3-25.el7_2.i686.rpm libtiff-devel-4.0.3-25.el7_2.x86_64.rpm libtiff-static-4.0.3-25.el7_2.i686.rpm libtiff-static-4.0.3-25.el7_2.x86_64.rpm libtiff-tools-4.0.3-25.el7_2.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libtiff-4.0.3-25.el7_2.src.rpm x86_64: libtiff-4.0.3-25.el7_2.i686.rpm libtiff-4.0.3-25.el7_2.x86_64.rpm libtiff-debuginfo-4.0.3-25.el7_2.i686.rpm libtiff-debuginfo-4.0.3-25.el7_2.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libtiff-debuginfo-4.0.3-25.el7_2.i686.rpm libtiff-debuginfo-4.0.3-25.el7_2.x86_64.rpm libtiff-devel-4.0.3-25.el7_2.i686.rpm libtiff-devel-4.0.3-25.el7_2.x86_64.rpm libtiff-static-4.0.3-25.el7_2.i686.rpm libtiff-static-4.0.3-25.el7_2.x86_64.rpm libtiff-tools-4.0.3-25.el7_2.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libtiff-4.0.3-25.el7_2.src.rpm ppc64: libtiff-4.0.3-25.el7_2.ppc.rpm libtiff-4.0.3-25.el7_2.ppc64.rpm libtiff-debuginfo-4.0.3-25.el7_2.ppc.rpm libtiff-debuginfo-4.0.3-25.el7_2.ppc64.rpm libtiff-devel-4.0.3-25.el7_2.ppc.rpm libtiff-devel-4.0.3-25.el7_2.ppc64.rpm ppc64le: libtiff-4.0.3-25.el7_2.ppc64le.rpm libtiff-debuginfo-4.0.3-25.el7_2.ppc64le.rpm libtiff-devel-4.0.3-25.el7_2.ppc64le.rpm s390x: libtiff-4.0.3-25.el7_2.s390.rpm libtiff-4.0.3-25.el7_2.s390x.rpm libtiff-debuginfo-4.0.3-25.el7_2.s390.rpm libtiff-debuginfo-4.0.3-25.el7_2.s390x.rpm libtiff-devel-4.0.3-25.el7_2.s390.rpm libtiff-devel-4.0.3-25.el7_2.s390x.rpm x86_64: libtiff-4.0.3-25.el7_2.i686.rpm libtiff-4.0.3-25.el7_2.x86_64.rpm libtiff-debuginfo-4.0.3-25.el7_2.i686.rpm libtiff-debuginfo-4.0.3-25.el7_2.x86_64.rpm libtiff-devel-4.0.3-25.el7_2.i686.rpm libtiff-devel-4.0.3-25.el7_2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libtiff-debuginfo-4.0.3-25.el7_2.ppc.rpm libtiff-debuginfo-4.0.3-25.el7_2.ppc64.rpm libtiff-static-4.0.3-25.el7_2.ppc.rpm libtiff-static-4.0.3-25.el7_2.ppc64.rpm libtiff-tools-4.0.3-25.el7_2.ppc64.rpm ppc64le: libtiff-debuginfo-4.0.3-25.el7_2.ppc64le.rpm libtiff-static-4.0.3-25.el7_2.ppc64le.rpm libtiff-tools-4.0.3-25.el7_2.ppc64le.rpm s390x: libtiff-debuginfo-4.0.3-25.el7_2.s390.rpm libtiff-debuginfo-4.0.3-25.el7_2.s390x.rpm libtiff-static-4.0.3-25.el7_2.s390.rpm libtiff-static-4.0.3-25.el7_2.s390x.rpm libtiff-tools-4.0.3-25.el7_2.s390x.rpm x86_64: libtiff-debuginfo-4.0.3-25.el7_2.i686.rpm libtiff-debuginfo-4.0.3-25.el7_2.x86_64.rpm libtiff-static-4.0.3-25.el7_2.i686.rpm libtiff-static-4.0.3-25.el7_2.x86_64.rpm libtiff-tools-4.0.3-25.el7_2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libtiff-4.0.3-25.el7_2.src.rpm x86_64: libtiff-4.0.3-25.el7_2.i686.rpm libtiff-4.0.3-25.el7_2.x86_64.rpm libtiff-debuginfo-4.0.3-25.el7_2.i686.rpm libtiff-debuginfo-4.0.3-25.el7_2.x86_64.rpm libtiff-devel-4.0.3-25.el7_2.i686.rpm libtiff-devel-4.0.3-25.el7_2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libtiff-debuginfo-4.0.3-25.el7_2.i686.rpm libtiff-debuginfo-4.0.3-25.el7_2.x86_64.rpm libtiff-static-4.0.3-25.el7_2.i686.rpm libtiff-static-4.0.3-25.el7_2.x86_64.rpm libtiff-tools-4.0.3-25.el7_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-8127 https://access.redhat.com/security/cve/CVE-2014-8129 https://access.redhat.com/security/cve/CVE-2014-8130 https://access.redhat.com/security/cve/CVE-2014-9330 https://access.redhat.com/security/cve/CVE-2014-9655 https://access.redhat.com/security/cve/CVE-2015-1547 https://access.redhat.com/security/cve/CVE-2015-7554 https://access.redhat.com/security/cve/CVE-2015-8665 https://access.redhat.com/security/cve/CVE-2015-8668 https://access.redhat.com/security/cve/CVE-2015-8683 https://access.redhat.com/security/cve/CVE-2015-8781 https://access.redhat.com/security/cve/CVE-2015-8782 https://access.redhat.com/security/cve/CVE-2015-8783 https://access.redhat.com/security/cve/CVE-2015-8784 https://access.redhat.com/security/cve/CVE-2016-3632 https://access.redhat.com/security/cve/CVE-2016-3945 https://access.redhat.com/security/cve/CVE-2016-3990 https://access.redhat.com/security/cve/CVE-2016-3991 https://access.redhat.com/security/cve/CVE-2016-5320 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXoNKIXlSAg2UNWIIRAn0mAJ49V9uRtJCn4vAWPIfVZ3ptCa4NDQCbBuTb H5YX3gD3gJu8C4EadiP+wtg= =Z4gh -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201701-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: libTIFF: Multiple vulnerabilities Date: January 09, 2017 Bugs: #484542, #534108, #538318, #561880, #572876, #585274, #585508, #599746 ID: 201701-16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in libTIFF, the worst of which may allow execution of arbitrary code. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Please review the CVE identifier and bug reports referenced for details. Workaround ========== There is no known workaround at this time. Resolution ========== All libTIFF users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/tiff-4.0.7" References ========== [ 1 ] CVE-2013-4243 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4243 [ 2 ] CVE-2014-8127 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8127 [ 3 ] CVE-2014-8128 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8128 [ 4 ] CVE-2014-8129 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8129 [ 5 ] CVE-2014-8130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8130 [ 6 ] CVE-2014-9330 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9330 [ 7 ] CVE-2014-9655 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9655 [ 8 ] CVE-2015-1547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1547 [ 9 ] CVE-2015-7313 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7313 [ 10 ] CVE-2015-7554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7554 [ 11 ] CVE-2015-8665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8665 [ 12 ] CVE-2015-8668 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8668 [ 13 ] CVE-2015-8683 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8683 [ 14 ] CVE-2015-8781 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8781 [ 15 ] CVE-2015-8782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8782 [ 16 ] CVE-2015-8783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8783 [ 17 ] CVE-2015-8784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8784 [ 18 ] CVE-2016-3186 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3186 [ 19 ] CVE-2016-3619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3619 [ 20 ] CVE-2016-3620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3620 [ 21 ] CVE-2016-3621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3621 [ 22 ] CVE-2016-3622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3622 [ 23 ] CVE-2016-3623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3623 [ 24 ] CVE-2016-3624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3624 [ 25 ] CVE-2016-3625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3625 [ 26 ] CVE-2016-3631 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3631 [ 27 ] CVE-2016-3632 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3632 [ 28 ] CVE-2016-3633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3633 [ 29 ] CVE-2016-3634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3634 [ 30 ] CVE-2016-3658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3658 [ 31 ] CVE-2016-3945 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3945 [ 32 ] CVE-2016-3990 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3990 [ 33 ] CVE-2016-3991 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-3991 [ 34 ] CVE-2016-5102 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5102 [ 35 ] CVE-2016-5314 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5314 [ 36 ] CVE-2016-5315 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5315 [ 37 ] CVE-2016-5316 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5316 [ 38 ] CVE-2016-5317 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5317 [ 39 ] CVE-2016-5318 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5318 [ 40 ] CVE-2016-5319 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5319 [ 41 ] CVE-2016-5320 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5320 [ 42 ] CVE-2016-5321 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5321 [ 43 ] CVE-2016-5322 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5322 [ 44 ] CVE-2016-5323 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5323 [ 45 ] CVE-2016-5652 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5652 [ 46 ] CVE-2016-5875 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-5875 [ 47 ] CVE-2016-6223 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6223 [ 48 ] CVE-2016-8331 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-8331 [ 49 ] CVE-2016-9273 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9273 [ 50 ] CVE-2016-9297 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9297 [ 51 ] CVE-2016-9318 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9318 [ 52 ] CVE-2016-9448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9448 [ 53 ] CVE-2016-9453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9453 [ 54 ] CVE-2016-9532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9532 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201701-16 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 --WUa5dgL7FmU1aSF31hCrUKc2JiSevbqka-- . Multiple out-of-bounds read and write flaws could cause an application using the tiff library to crash. For the oldstable distribution (wheezy), these problems have been fixed in version 4.0.2-6+deb7u5. For the stable distribution (jessie), these problems have been fixed in version 4.0.3-12.3+deb8u1. For the testing distribution (stretch), these problems have been fixed in version 4.0.6-1. For the unstable distribution (sid), these problems have been fixed in version 4.0.6-1. We recommend that you upgrade your tiff packages. 6) - i386, x86_64 3

Trust: 2.43

sources: NVD: CVE-2015-8784 // JVNDB: JVNDB-2015-007063 // BID: 81696 // VULMON: CVE-2015-8784 // PACKETSTORM: 136385 // PACKETSTORM: 138137 // PACKETSTORM: 140402 // PACKETSTORM: 135662 // PACKETSTORM: 138138

AFFECTED PRODUCTS

vendor:libtiffmodel:libtiffscope: - version: -

Trust: 1.4

vendor:debianmodel:linuxscope:eqversion:7.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:libtiffmodel:libtiffscope:ltversion:4.0.7

Trust: 1.0

vendor:debianmodel:gnu/linuxscope:eqversion:7.0

Trust: 0.8

vendor:debianmodel:gnu/linuxscope:eqversion:8.0

Trust: 0.8

vendor:f5model:big-ip aam buildscope:eqversion:11.66.204.442

Trust: 0.3

vendor:oraclemodel:linuxscope:eqversion:7.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5.1

Trust: 0.3

vendor:f5model:big-ip aam hf1scope:eqversion:12.0.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.6.1

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip aam hf2scope:eqversion:12.0.0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip aam build 685-hf10scope:eqversion:11.4.1

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:2.1

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:2.3.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5

Trust: 0.3

vendor:f5model:big-ip aam buildscope:eqversion:11.5.40.1.256

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.4

Trust: 0.3

vendor:f5model:big-ip aam hf2scope:eqversion:12.1

Trust: 0.3

vendor:f5model:big-ip aam buildscope:eqversion:11.5.110.104.180

Trust: 0.3

vendor:f5model:big-ip aam hf6scope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip aam hf5scope:eqversion:11.4.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:3.1.0.4

Trust: 0.3

vendor:f5model:big-ip aam hf7scope:eqversion:11.6

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:3.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.24

Trust: 0.3

vendor:f5model:big-ip aam hf1scope:eqversion:11.5.4

Trust: 0.3

vendor:libtiffmodel:libtiffscope:eqversion:-0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5.2

Trust: 0.3

vendor:f5model:big-ip aam hf2scope:eqversion:11.5.4

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fiscope:eqversion:2.2.0.4

Trust: 0.3

vendor:f5model:big-ip aam hf1scope:eqversion:11.5.3

Trust: 0.3

vendor:f5model:big-ip aam hf2scope:eqversion:11.5.3

Trust: 0.3

vendor:f5model:big-ip aam hf11scope:eqversion:11.5.1

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.22

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip aam hf8scope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip aam hf4scope:eqversion:12.0

Trust: 0.3

vendor:f5model:big-ip aam hf3scope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip aam hf4scope:eqversion:11.4.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.36

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:12.1.1

Trust: 0.3

vendor:f5model:big-ip aam hf8scope:eqversion:11.6

Trust: 0.3

vendor:f5model:big-ip aam hf9scope:eqversion:11.4

Trust: 0.3

vendor:f5model:big-ip webacceleratorscope:eqversion:11.2.1

Trust: 0.3

vendor:f5model:big-ip aam hf10scope:eqversion:11.5.1

Trust: 0.3

vendor:oraclemodel:linuxscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip aam hf10scope:eqversion:11.4

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:2.4.0

Trust: 0.3

vendor:f5model:big-ip aam hf8scope:eqversion:11.4.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.34

Trust: 0.3

vendor:f5model:big-ip aam buildscope:eqversion:12.01.14.628

Trust: 0.3

vendor:f5model:big-ip aam hf1scope:eqversion:11.4.1

Trust: 0.3

vendor:f5model:big-ip aam hf2scope:eqversion:11.4.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.26

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fiscope:eqversion:2.4.0.4

Trust: 0.3

vendor:f5model:big-ip aam hf3scope:eqversion:12.0.0

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:2.2

Trust: 0.3

vendor:f5model:big-ip aam hf9scope:eqversion:11.4.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.21

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:f5model:big-ip aam hf1scope:eqversion:12.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:3.2.0.4

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.3

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.31

Trust: 0.3

vendor:f5model:big-ip aam hf10scope:eqversion:11.4.1

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fiscope:eqversion:2.3.0.4

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:12.1.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip aam hf6scope:eqversion:11.6

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5.4

Trust: 0.3

vendor:f5model:big-ip aam hf5scope:eqversion:11.6.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.2.0.3

Trust: 0.3

vendor:f5model:big-ip aam hf4scope:eqversion:11.6.0

Trust: 0.3

vendor:f5model:big-ip aamscope:eqversion:11.5.3

Trust: 0.3

sources: BID: 81696 // JVNDB: JVNDB-2015-007063 // CNNVD: CNNVD-201602-074 // NVD: CVE-2015-8784

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-8784
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-8784
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201602-074
value: MEDIUM

Trust: 0.6

VULMON: CVE-2015-8784
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-8784
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2015-8784
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2015-8784
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2015-8784 // JVNDB: JVNDB-2015-007063 // CNNVD: CNNVD-201602-074 // NVD: CVE-2015-8784

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:CWE-119

Trust: 0.8

sources: JVNDB: JVNDB-2015-007063 // NVD: CVE-2015-8784

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 136385 // PACKETSTORM: 138137 // PACKETSTORM: 138138 // CNNVD: CNNVD-201602-074

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201602-074

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-007063

PATCH

title:Bug 2508url:http://bugzilla.maptools.org/show_bug.cgi?id=2508

Trust: 0.8

title:DSA-3467url:https://www.debian.org/security/2016/dsa-3467

Trust: 0.8

title:* libtiff/tif_next.c: fix potential out-of-bound write in NeXTDecode()url:https://github.com/vadz/libtiff/commit/b18012dae552f85dcc5c57d3bf4e997a15b1cc1c

Trust: 0.8

title:Silicon Graphics LibTiff'NeXTDecode()' Fixes for function denial of service vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=60064

Trust: 0.6

title:Red Hat: CVE-2015-8784url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2015-8784

Trust: 0.1

title:Ubuntu Security Notice: tiff vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-2939-1

Trust: 0.1

title:Debian CVElist Bug Report Logs: tiff: CVE-2015-8683: out-of-bounds read in CIE Lab image formaturl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=390434416e4acde3bf8b99e4da032c83

Trust: 0.1

title:Debian CVElist Bug Report Logs: tiff: CVE-2015-8665: out-of-bound read in tif_getimage.curl:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=6ec319e5239f23b8cfa3b133cf8edbf4

Trust: 0.1

title:Debian Security Advisories: DSA-3467-1 tiff -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=a8a45052489cbaa9fb33682f27d831b9

Trust: 0.1

title:Amazon Linux AMI: ALAS-2016-734url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2016-734

Trust: 0.1

title:Amazon Linux AMI: ALAS-2016-733url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2016-733

Trust: 0.1

title:Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=6c15273f6bf4a785175f27073b98a1ce

Trust: 0.1

title:Oracle Linux Bulletins: Oracle Linux Bulletin - July 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=0bd8c924b56aac98dda0f5b45f425f38

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=976a4da35d55283870dbb31b88a6c655

Trust: 0.1

sources: VULMON: CVE-2015-8784 // JVNDB: JVNDB-2015-007063 // CNNVD: CNNVD-201602-074

EXTERNAL IDS

db:NVDid:CVE-2015-8784

Trust: 3.3

db:BIDid:81696

Trust: 2.0

db:OPENWALLid:OSS-SECURITY/2016/01/24/4

Trust: 1.7

db:OPENWALLid:OSS-SECURITY/2016/01/24/8

Trust: 1.7

db:JVNDBid:JVNDB-2015-007063

Trust: 0.8

db:CNNVDid:CNNVD-201602-074

Trust: 0.6

db:VULMONid:CVE-2015-8784

Trust: 0.1

db:PACKETSTORMid:136385

Trust: 0.1

db:PACKETSTORMid:138137

Trust: 0.1

db:PACKETSTORMid:140402

Trust: 0.1

db:PACKETSTORMid:135662

Trust: 0.1

db:PACKETSTORMid:138138

Trust: 0.1

sources: VULMON: CVE-2015-8784 // BID: 81696 // JVNDB: JVNDB-2015-007063 // PACKETSTORM: 136385 // PACKETSTORM: 138137 // PACKETSTORM: 140402 // PACKETSTORM: 135662 // PACKETSTORM: 138138 // CNNVD: CNNVD-201602-074 // NVD: CVE-2015-8784

REFERENCES

url:http://bugzilla.maptools.org/show_bug.cgi?id=2508

Trust: 2.0

url:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

Trust: 2.0

url:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

Trust: 2.0

url:http://www.securityfocus.com/bid/81696

Trust: 1.8

url:http://www.ubuntu.com/usn/usn-2939-1

Trust: 1.8

url:https://security.gentoo.org/glsa/201701-16

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2016-1547.html

Trust: 1.8

url:http://rhn.redhat.com/errata/rhsa-2016-1546.html

Trust: 1.8

url:http://www.openwall.com/lists/oss-security/2016/01/24/4

Trust: 1.7

url:http://www.openwall.com/lists/oss-security/2016/01/24/8

Trust: 1.7

url:https://github.com/vadz/libtiff/commit/b18012dae552f85dcc5c57d3bf4e997a15b1cc1c

Trust: 1.7

url:http://www.debian.org/security/2016/dsa-3467

Trust: 1.7

url:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8784

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8784

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2015-8782

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-8781

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-8683

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-8784

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-8665

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-8783

Trust: 0.5

url:https://access.redhat.com/security/cve/cve-2015-8784

Trust: 0.3

url:http://www.libtiff.org/

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024132

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024193

Trust: 0.3

url:http://seclists.org/oss-sec/2016/q1/191

Trust: 0.3

url:https://support.f5.com/kb/en-us/solutions/public/k/89/sol89096577.html?sr=59127075

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-3632

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-8668

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2014-8127

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7554

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2014-8130

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2014-9655

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2014-8129

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2014-9330

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-1547

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2014-8129

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2014-9330

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2016-3991

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-8665

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-8683

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2016-3632

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2016-3945

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-8782

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-3945

Trust: 0.2

url:https://access.redhat.com/security/team/contact/

Trust: 0.2

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2014-8127

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-8781

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-5320

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2014-9655

Trust: 0.2

url:https://bugzilla.redhat.com/):

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2016-5320

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-3990

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-3991

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-8783

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2014-8130

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-1547

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2016-3990

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-7554

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-8668

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://usn.ubuntu.com/2939-1/

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/tiff/3.9.5-2ubuntu1.9

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/tiff/4.0.3-7ubuntu0.4

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/tiff/4.0.3-12.3ubuntu2.1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-3625

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-6223

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7313

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3990

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5319

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-8127

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3619

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-8128

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3634

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5321

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8783

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-9655

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-3633

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8782

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3632

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7554

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5875

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9318

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-3622

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3631

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8784

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-3624

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3623

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5314

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-8331

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3624

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-4243

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-1547

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5317

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-3621

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-3631

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-9330

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9297

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-3620

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9453

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3620

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9273

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-8129

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-8128

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5316

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5652

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3991

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3621

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8781

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-3186

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-3623

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9448

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5315

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3186

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3622

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5102

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3658

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5323

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-8130

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5322

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3625

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8665

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5318

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3945

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-3619

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-3633

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8668

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5320

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8683

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7313

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-9532

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-4243

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

sources: VULMON: CVE-2015-8784 // BID: 81696 // JVNDB: JVNDB-2015-007063 // PACKETSTORM: 136385 // PACKETSTORM: 138137 // PACKETSTORM: 140402 // PACKETSTORM: 135662 // PACKETSTORM: 138138 // CNNVD: CNNVD-201602-074 // NVD: CVE-2015-8784

CREDITS

Salvatore Bonaccorso

Trust: 0.9

sources: BID: 81696 // CNNVD: CNNVD-201602-074

SOURCES

db:VULMONid:CVE-2015-8784
db:BIDid:81696
db:JVNDBid:JVNDB-2015-007063
db:PACKETSTORMid:136385
db:PACKETSTORMid:138137
db:PACKETSTORMid:140402
db:PACKETSTORMid:135662
db:PACKETSTORMid:138138
db:CNNVDid:CNNVD-201602-074
db:NVDid:CVE-2015-8784

LAST UPDATE DATE

2024-08-14T13:05:21.599000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2015-8784date:2019-12-31T00:00:00
db:BIDid:81696date:2016-12-20T01:01:00
db:JVNDBid:JVNDB-2015-007063date:2016-04-20T00:00:00
db:CNNVDid:CNNVD-201602-074date:2020-01-02T00:00:00
db:NVDid:CVE-2015-8784date:2019-12-31T18:56:22.940

SOURCES RELEASE DATE

db:VULMONid:CVE-2015-8784date:2016-04-13T00:00:00
db:BIDid:81696date:2016-01-24T00:00:00
db:JVNDBid:JVNDB-2015-007063date:2016-04-20T00:00:00
db:PACKETSTORMid:136385date:2016-03-23T23:14:58
db:PACKETSTORMid:138137date:2016-08-02T23:00:03
db:PACKETSTORMid:140402date:2017-01-09T19:12:35
db:PACKETSTORMid:135662date:2016-02-08T18:25:00
db:PACKETSTORMid:138138date:2016-08-02T23:00:12
db:CNNVDid:CNNVD-201602-074date:2016-01-24T00:00:00
db:NVDid:CVE-2015-8784date:2016-04-13T17:59:06.490