Filtered by vendor Libtiff
Subscribe
Total
250 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-10272 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9. | |||||
CVE-2017-5563 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff. | |||||
CVE-2016-5322 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | |||||
CVE-2017-7600 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2015-7313 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
LibTIFF allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file. | |||||
CVE-2016-10371 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF file. | |||||
CVE-2016-10267 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. | |||||
CVE-2017-7593 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image. | |||||
CVE-2016-5321 | 2 Libtiff, Opensuse | 2 Libtiff, Opensuse | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image. | |||||
CVE-2016-10095 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7 and 4.0.8 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file. | |||||
CVE-2017-7596 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2016-9534 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow." | |||||
CVE-2016-5318 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff. | |||||
CVE-2017-7597 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2016-10266 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22. | |||||
CVE-2016-5319 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file. | |||||
CVE-2017-9117 | 2 Canonical, Libtiff | 2 Ubuntu Linux, Libtiff | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff. | |||||
CVE-2016-9297 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values. | |||||
CVE-2016-9535 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow." | |||||
CVE-2016-9536 | 1 Libtiff | 1 Libtiff | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow." |