CVE-2017-17095

tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.

Date published : 2017-12-02

http://www.securityfocus.com/bid/102124

https://www.debian.org/security/2018/dsa-4349