CVE-2016-9535: tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in deb...
tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."
Security readout for executives and security teams
This flaw affects libtiff 4.0.6 predictor handling. A malformed TIFF using unusual tile sizing, such as YCbCr with subsampling, can crash debug builds or cause heap buffer overflow in release builds. The main business risk is any service, workflow, or application that processes TIFF files from untrusted sources. Exposure is most likely in systems that include vulnerable libtiff builds and parse TIFF images, especially upload handlers, conversion services, scanners, document workflows, and image-processing components. The provided affected-product metadata is incomplete, so confirm through local package inventory and vendor advisories. Treat as high-priority remediation for any internet-facing or partner-facing TIFF processing. If TIFF parsing is internal-only and patched through supported OS packages, urgency is lower but still warrants verification because bundled libraries are often missed. Mitigation focus: Apply libtiff updates from your operating system or software vendor.; Check Debian DSA-3844 and Red Hat RHSA-2017:0225 where applicable.; Prioritize services that process TIFF files from external or unauthenticated users..
Prepared
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cwe · low confidence lookup
CWE-119: Exact CWE lookup
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
1CVSS vectors
3Timeline events
2ADP providers
3Source links
SSVC decision data
CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: yesTechnical Impact: total
CVSS vector scores
1 official score
We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
CWE-119 · source CWE mapping
Improper Restriction of Operations within the Bounds of a Memory Buffer
Improper Restriction of Operations within the Bounds of a Memory Buffer represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.