Base Score

MEDIUM5.5

CVE-2015-7313

LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file.

VectorLOCAL

Published Bycve@mitre.org

Published DateMar 17, 2017, 14:59

Weakness Type (CWE):CWE-399

CVSS Metrics

Base Score

5.5

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH

References

http://seclists.org/oss-sec/2015/q3/601
http://www.securityfocus.com/bid/76843
https://bugzilla.redhat.com/show_bug.cgi?id=1265998
https://security-tracker.debian.org/tracker/CVE-2015-7313
https://security.gentoo.org/glsa/201701-16
https://ubuntu.com/security/CVE-2015-7313

Base Score

MEDIUM5.5

Weakness Type (CWE):CWE-399

CVSS Metrics

Base Score

5.5

Vector String

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH