Think you have a false positive on this rule?

Sid 1-51094

Message

FILE-IMAGE Multiple products JBIG compressed TIFF buffer overflow attempt

Summary

This event is generated upon download of a potentially crafted TIFF file.

Impact

Attempted User Privilege Gain

Detailed information

Crafted JBIG compressed TIFF files will crash multiple products using vulnerable versions of libtiff.

Affected systems

libtiff v.4.0.9 and prior

Ease of attack

False positives

False negatives

Corrective action

Contributors

Cisco Talos Intelligence Group

Additional References

CVE-2018-18557

©2019 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.

Privacy Policy | Snort License | FAQ | Sitemap

Follow us on twitter