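tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap-allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow." The signatures listed below all cite a single source commit and target code in tools/tiff2pdf.c, tools/tiffcrop.c, libtiff/tif_pixarlog.c and libtiff/tif_write.c, so a match outside tools/tiff2pdf.c may reflect other changes in that commit rather than the flaw described here.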
[
{
"digest": {
"function_hash": "88019463951221511764405975192975588011",
"length": 15168.0
},
"id": "CVE-2016-9536-00421608",
"target": {
"function": "t2p_readwrite_pdf_image",
"file": "tools/tiff2pdf.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a",
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"117112323259344223833475556500622594259",
"144562193145538188916172975033903991939",
"210874818685827076760726421977356114356",
"167457637744200498288873553798755757941",
"279710318255183697674778972530578319839",
"182723839043551894969220729657777568311",
"179506914801651737202496035516015482859",
"121368253602005380541182632685182623986",
"338206349815407984064122601696420529100",
"101760269786035384966845509285196150945",
"307005722251892113518012785085878579106",
"30390668568652839551222360198513326690",
"46866917487450665939760354233617879436",
"78149491166009279723732446265106863334",
"105545265367495464498122003768023620035",
"44048045219524339399334189420515340543",
"262726798695970295498516737684712750254",
"10110133054761737231175775909926625912",
"23218289083490410694997667380684606785",
"310233858471791319400250953710670297235",
"203711567262293833779458379456840569261",
"272162734410589867247991443819348977204",
"274306025372165375019047299165760456601",
"210751992773568308284706322761504583281",
"101713304003409915346279373195908226151",
"162867869520564585956569690443868626027",
"94368858105844853090795049351794689551",
"174535904465584288911633174284360373669",
"241464164341952458653223732888592650441",
"109589458600794711252066886834445454120",
"331314831328103882273363111915999456153",
"332888468193464188134604969123631028292",
"131661770201569780593486124137089492337",
"145797503187807186431772020967633149410",
"130481442836014770457556044512253018419",
"255892593270255823512568604756836773562",
"271424718019632675915702773541809465798",
"333683048002767071485483562642829477792",
"296108699079536827817543491392776770006",
"138178340195483357479604619066700676426",
"56374075224321062242874840591671121829",
"32942682289684704388808100865425784590",
"231372596963552484351277729658436342466"
]
},
"id": "CVE-2016-9536-15de4d54",
"target": {
"file": "tools/tiff2pdf.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a",
"signature_type": "Line"
},
{
"digest": {
"function_hash": "252107940369276295645065162026460407848",
"length": 2387.0
},
"id": "CVE-2016-9536-2d110549",
"target": {
"function": "t2p_process_jpeg_strip",
"file": "tools/tiff2pdf.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a",
"signature_type": "Function"
},
{
"digest": {
"function_hash": "183740283451253688784876058306616725327",
"length": 9251.0
},
"id": "CVE-2016-9536-3cf0b408",
"target": {
"function": "loadImage",
"file": "tools/tiffcrop.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a",
"signature_type": "Function"
},
{
"digest": {
"function_hash": "246327942660240271211262596706791187246",
"length": 960.0
},
"id": "CVE-2016-9536-62a2ed5f",
"target": {
"function": "reverseSamplesBytes",
"file": "tools/tiffcrop.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a",
"signature_type": "Function"
},
{
"digest": {
"function_hash": "46982081775376058319603763350491718546",
"length": 1762.0
},
"id": "CVE-2016-9536-6406537e",
"target": {
"function": "horizontalDifference16",
"file": "libtiff/tif_pixarlog.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a",
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"205316624495461107143889132108106423089",
"265673044131452380636924265429562119016",
"125337659118349023288144630698566363386",
"194308659459503417629313897834588412062",
"201354101766401830369969390807717733159",
"322812330950112735422862359173324374874",
"143801085981218241387614880035211509851",
"35222736082261731618124106694282783867",
"148112448371721034374519135894250079489",
"117368531517646142325778349975948951145",
"71052179919210352563488475789413848625",
"42355639345712210594642651938861978648",
"337859860493266850707186932336961840713",
"39077536332336494230375252957937612789",
"55905503517158592613341906875436584565",
"163872770385938979460686356704112593704",
"15325757244220142807197424310764569655"
]
},
"id": "CVE-2016-9536-73478d2c",
"target": {
"file": "tools/tiffcrop.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a",
"signature_type": "Line"
},
{
"digest": {
"function_hash": "336974130481715274748212091977756961619",
"length": 1778.0
},
"id": "CVE-2016-9536-8cd04f6f",
"target": {
"function": "horizontalDifference8",
"file": "libtiff/tif_pixarlog.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a",
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"168778683988015749415761190987781815317",
"120539506771473592544892535126542465433",
"331473340755202819579353491512124111325",
"203499294147954101735967217266866951033",
"237595288556302920595583087057949187827",
"147900042652371771295313326495694145977",
"291264068232821951512332238850975179483",
"111984926203013891380286318167062785965",
"271273424029538886479444092822924698281",
"144357894407343751130021581969741292137",
"207001919918290765974801517422974678398",
"23026374422442736694843469488155482888",
"55321358480290313970788704418819198250",
"302239710542018439102186682450657734752",
"157535021048383647301343033324622981941",
"120539506771473592544892535126542465433",
"331473340755202819579353491512124111325",
"203499294147954101735967217266866951033",
"111023209860894570099536426590405128341",
"158390765308758213885367871576796815218",
"133892026813614459858318638180860386180",
"217873574642729785037476801754391779082",
"271273424029538886479444092822924698281",
"144357894407343751130021581969741292137",
"6745380161081907553222144472971406603",
"287001925648634010483687835199835264182",
"170434654942848681500090094038986343469",
"221434968346132474915114729019861790402",
"90829083827528446159166522768709829587",
"184871785926125041454975505904865795388",
"273779778197496942356304809905869924725",
"116409018182425777371419156417403555510",
"208872210663291046521675627166370283632",
"158390765308758213885367871576796815218",
"133892026813614459858318638180860386180",
"217873574642729785037476801754391779082",
"271273424029538886479444092822924698281",
"144357894407343751130021581969741292137",
"6745380161081907553222144472971406603",
"287001925648634010483687835199835264182",
"170434654942848681500090094038986343469",
"221434968346132474915114729019861790402",
"93662261141235397336793541586627527916"
]
},
"id": "CVE-2016-9536-af4b6863",
"target": {
"file": "libtiff/tif_pixarlog.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a",
"signature_type": "Line"
},
{
"digest": {
"function_hash": "9939657162050573481422511850061865316",
"length": 2036.0
},
"id": "CVE-2016-9536-b1b6e3ff",
"target": {
"function": "horizontalDifferenceF",
"file": "libtiff/tif_pixarlog.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a",
"signature_type": "Function"
},
{
"digest": {
"function_hash": "236969961741366081545599122336855606428",
"length": 526.0
},
"id": "CVE-2016-9536-cfbf3dc1",
"target": {
"function": "TIFFFlushData1",
"file": "libtiff/tif_write.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a",
"signature_type": "Function"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"16906484501165277227366997244179632832",
"202393771188039352727249793171890633838",
"66929609002313280633003932852104003162",
"115587544957025723080910332083760745579",
"297346610758618059012513128558105241319"
]
},
"id": "CVE-2016-9536-f811811a",
"target": {
"file": "libtiff/tif_write.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a",
"signature_type": "Line"
}
]