CVE-2016-3620 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-3620 Interim 1 22 2023-02-10T02:36:59Z current 2021-05-30T13:40:45Z 2023-02-10T02:36:59Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-3620 The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2018-November/004880.html E-Mail link for SUSE-SU-2018:3879-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 libtiff-devel libtiff-devel-3.8.2-141.169.22.1 libtiff-devel-32bit-3.8.2-141.169.22.1 libtiff3-3.8.2-141.169.22.1 libtiff3-32bit-3.8.2-141.169.22.1 libtiff3-x86-3.8.2-141.169.22.1 libtiff5 libtiff5-32bit tiff tiff-3.8.2-141.169.22.1 libtiff3-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA libtiff3-32bit-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA tiff-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server 11 SP1-TERADATA libtiff3-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libtiff3-32bit-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA tiff-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libtiff3-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server 11 SP4 libtiff3-32bit-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server 11 SP4 libtiff3-x86-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server 11 SP4 tiff-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server 11 SP4 libtiff3-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libtiff3-32bit-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libtiff3-x86-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 tiff-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libtiff-devel-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libtiff-devel-32bit-3.8.2-141.169.22.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 libtiff5 as a component of SUSE Linux Enterprise Desktop 12 libtiff5-32bit as a component of SUSE Linux Enterprise Desktop 12 tiff as a component of SUSE Linux Enterprise Desktop 12 libtiff5 as a component of SUSE Linux Enterprise Desktop 12 SP1 libtiff5-32bit as a component of SUSE Linux Enterprise Desktop 12 SP1 tiff as a component of SUSE Linux Enterprise Desktop 12 SP1 libtiff5 as a component of SUSE Linux Enterprise Server 12 libtiff5-32bit as a component of SUSE Linux Enterprise Server 12 tiff as a component of SUSE Linux Enterprise Server 12 libtiff5 as a component of SUSE Linux Enterprise Server 12 SP1 libtiff5-32bit as a component of SUSE Linux Enterprise Server 12 SP1 tiff as a component of SUSE Linux Enterprise Server 12 SP1 libtiff-devel as a component of SUSE Linux Enterprise Software Development Kit 12 tiff as a component of SUSE Linux Enterprise Software Development Kit 12 libtiff-devel as a component of SUSE Linux Enterprise Software Development Kit 12 SP1 tiff as a component of SUSE Linux Enterprise Software Development Kit 12 SP1 The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image. CVE-2016-3620 SUSE Linux Enterprise Server 11 SP1-TERADATA:libtiff3-3.8.2-141.169.22.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:libtiff3-32bit-3.8.2-141.169.22.1 SUSE Linux Enterprise Server 11 SP1-TERADATA:tiff-3.8.2-141.169.22.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libtiff3-3.8.2-141.169.22.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:libtiff3-32bit-3.8.2-141.169.22.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:tiff-3.8.2-141.169.22.1 SUSE Linux Enterprise Server 11 SP4:libtiff3-3.8.2-141.169.22.1 SUSE Linux Enterprise Server 11 SP4:libtiff3-32bit-3.8.2-141.169.22.1 SUSE Linux Enterprise Server 11 SP4:libtiff3-x86-3.8.2-141.169.22.1 SUSE Linux Enterprise Server 11 SP4:tiff-3.8.2-141.169.22.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-3.8.2-141.169.22.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-32bit-3.8.2-141.169.22.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libtiff3-x86-3.8.2-141.169.22.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:tiff-3.8.2-141.169.22.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-3.8.2-141.169.22.1 SUSE Linux Enterprise Software Development Kit 11 SP4:libtiff-devel-32bit-3.8.2-141.169.22.1 SUSE Linux Enterprise Desktop 12 SP1:libtiff5 SUSE Linux Enterprise Desktop 12 SP1:libtiff5-32bit SUSE Linux Enterprise Desktop 12 SP1:tiff SUSE Linux Enterprise Desktop 12:libtiff5 SUSE Linux Enterprise Desktop 12:libtiff5-32bit SUSE Linux Enterprise Desktop 12:tiff SUSE Linux Enterprise Server 12 SP1:libtiff5 SUSE Linux Enterprise Server 12 SP1:libtiff5-32bit SUSE Linux Enterprise Server 12 SP1:tiff SUSE Linux Enterprise Server 12:libtiff5 SUSE Linux Enterprise Server 12:libtiff5-32bit SUSE Linux Enterprise Server 12:tiff SUSE Linux Enterprise Software Development Kit 12 SP1:libtiff-devel SUSE Linux Enterprise Software Development Kit 12 SP1:tiff SUSE Linux Enterprise Software Development Kit 12:libtiff-devel SUSE Linux Enterprise Software Development Kit 12:tiff low 5 AV:N/AC:L/Au:N/C:N/I:N/A:P 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H