漏洞类别:Local
漏洞等级: 
漏洞信息
Tableau Server, by Tableau Software, is an online solution for sharing, distributing, and collaborating on content created in Tableau. Shareable. Create workbooks and views, dashboards, and data sources in Tableau Desktop, and then publish this content to the server.
Tableau Server and Tableau Desktop include an outdated version of libtiff, a third-party, vulnerable dynamic link library.
Affected Versions:
Tableau Server versions 8.3 (through 8.3.19), 9.0 (through 9.0.22), 9.1 (through 9.1.19), 9.2 (through 9.2.18), 9.3 (through 9.3.15), 10.0 (through 10.0.10), 10.1 (through 10.1.8), 10.2 (through 10.2.2)
Tableau Desktop versions 8.3 (through 8.3.19), 9.0 (through 9.0.22), 9.1 (through 9.1.19), 9.2 (through 9.2.18), 9.3 (through 9.3.15), 10.0 (through 10.0.10), 10.1 (through 10.1.8), 10.2 (through 10.2.2)
漏洞危害
An unauthenticated remote attacker could exploit these vulnerabilities to either execute an arbitrary code or cause denial of service.
解决方案
Customers are advised to refer to Important-ADV-2017-012 for information pertaining to remediating this vulnerability.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论