Filtered by vendor Libtiff
Subscribe
Total
250 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-1544 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 7.5 HIGH | N/A |
Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag. | |||||
CVE-2004-1308 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 10.0 HIGH | N/A |
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow. | |||||
CVE-2006-3464 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 7.5 HIGH | N/A |
TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic operations". | |||||
CVE-2005-2452 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 5.0 MEDIUM | N/A |
libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804. | |||||
CVE-2006-0405 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 5.0 MEDIUM | N/A |
The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function. | |||||
CVE-2006-3460 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize). | |||||
CVE-2006-2193 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call. | |||||
CVE-2004-0803 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. | |||||
CVE-2004-1307 | 10 Apple, Avaya, Conectiva and 7 more | 19 Mac Os X, Mac Os X Server, Call Management System Server and 16 more | 2023-12-10 | 7.5 HIGH | N/A |
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. | |||||
CVE-2004-0804 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 4.3 MEDIUM | N/A |
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452. |