Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Libtiff Subscribe
Filtered by product Libtiff
Total 227 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-3463 1 Libtiff 1 Libtiff 2017-10-10 7.8 HIGH N/A
The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, which triggers an infinite loop.
CVE-2006-3465 1 Libtiff 1 Libtiff 2017-10-10 7.5 HIGH N/A
Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors.
CVE-2004-0803 9 Apple, Kde, Libtiff and 6 more 13 Mac Os X, Mac Os X Server, Kde and 10 more 2017-10-10 7.5 HIGH N/A
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
CVE-2004-0886 9 Apple, Kde, Libtiff and 6 more 13 Mac Os X, Mac Os X Server, Kde and 10 more 2017-10-10 5.0 MEDIUM N/A
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.
CVE-2004-1183 1 Libtiff 1 Libtiff 2017-10-10 5.1 MEDIUM N/A
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.
CVE-2004-1308 1 Libtiff 1 Libtiff 2017-10-10 10.0 HIGH N/A
Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow.
CVE-2016-3621 1 Libtiff 1 Libtiff 2017-09-02 6.8 MEDIUM 8.8 HIGH
The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
CVE-2016-3620 1 Libtiff 1 Libtiff 2017-09-02 5.0 MEDIUM 7.5 HIGH
The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
CVE-2016-3619 1 Libtiff 1 Libtiff 2017-09-02 4.3 MEDIUM 6.5 MEDIUM
The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
CVE-2006-0405 1 Libtiff 1 Libtiff 2017-07-19 5.0 MEDIUM N/A
The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function.
CVE-2005-1544 1 Libtiff 1 Libtiff 2017-07-10 7.5 HIGH N/A
Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag.
CVE-2004-0929 2 Libtiff, Suse 2 Libtiff, Suse Linux 2017-07-10 10.0 HIGH N/A
Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image.
CVE-2016-5319 1 Libtiff 1 Libtiff 2017-06-30 4.3 MEDIUM 6.5 MEDIUM
Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file.
CVE-2016-5322 2 Debian, Libtiff 2 Debian Linux, Libtiff 2017-04-17 4.3 MEDIUM 5.5 MEDIUM
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
CVE-2016-10271 1 Libtiff 1 Libtiff 2017-03-30 6.8 MEDIUM 7.8 HIGH
tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13.
CVE-2016-10272 1 Libtiff 1 Libtiff 2017-03-30 6.8 MEDIUM 7.8 HIGH
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9.
CVE-2015-7313 1 Libtiff 1 Libtiff 2017-03-20 4.3 MEDIUM 5.5 MEDIUM
LibTIFF allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file.
CVE-2016-5315 2 Debian, Libtiff 2 Debian Linux, Libtiff 2017-03-08 4.3 MEDIUM 5.5 MEDIUM
The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.
CVE-2016-9532 2 Debian, Libtiff 2 Debian Linux, Libtiff 2017-02-08 4.3 MEDIUM 5.5 MEDIUM
Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file.
CVE-2016-9539 1 Libtiff 1 Libtiff 2016-12-09 7.5 HIGH 9.8 CRITICAL
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092.