Total
251 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-10269 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 512" and libtiff/tif_unix.c:340:2. | |||||
CVE-2016-9535 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow." | |||||
CVE-2017-7599 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2016-10092 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image. | |||||
CVE-2016-5315 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | |||||
CVE-2017-7600 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2016-5321 | 2 Libtiff, Opensuse | 2 Libtiff, Opensuse | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image. | |||||
CVE-2015-7313 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
LibTIFF allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file. | |||||
CVE-2016-6223 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
The TIFFReadRawStrip1 and TIFFReadRawTile1 functions in tif_read.c in libtiff before 4.0.7 allows remote attackers to cause a denial of service (crash) or possibly obtain sensitive information via a negative index in a file-content buffer. | |||||
CVE-2017-7592 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2016-10094 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image. | |||||
CVE-2016-10270 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 8" and libtiff/tif_read.c:523:22. | |||||
CVE-2017-5563 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff. | |||||
CVE-2017-9147 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service (crash) via a crafted TIFF file. | |||||
CVE-2017-7601 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2016-10271 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13. | |||||
CVE-2016-5102 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file. | |||||
CVE-2016-9540 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow." | |||||
CVE-2017-7596 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2017-7597 | 1 Libtiff | 1 Libtiff | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. |