Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Libtiff Subscribe
Total 227 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-11613 1 Libtiff 1 Libtiff 2018-12-01 4.3 MEDIUM 6.5 MEDIUM
In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In the ChopUpSingleUncompressedStrip function, the _TIFFCheckMalloc function is called based on td_imagelength. If we set the value of td_imagelength close to the amount of system memory, it will hang the system or trigger the OOM killer.
CVE-2017-17095 1 Libtiff 1 Libtiff 2018-12-01 6.8 MEDIUM 8.8 HIGH
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
CVE-2016-3945 2 Libtiff, Oracle 2 Libtiff, Vm Server 2018-10-30 6.8 MEDIUM 7.8 HIGH
Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write.
CVE-2010-3087 2 Libtiff, Opensuse 2 Libtiff, Opensuse 2018-10-30 6.8 MEDIUM N/A
LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image.
CVE-2015-7554 1 Libtiff 1 Libtiff 2018-10-30 7.5 HIGH 9.8 CRITICAL
The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.
CVE-2015-8668 1 Libtiff 1 Libtiff 2018-10-30 7.5 HIGH 9.8 CRITICAL
Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.
CVE-2016-3186 2 Libtiff, Opensuse 2 Libtiff, Opensuse 2018-10-30 5.0 MEDIUM 6.2 MEDIUM
Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.
CVE-2016-3623 2 Libtiff, Opensuse 2 Libtiff, Opensuse 2018-10-30 5.0 MEDIUM 7.5 HIGH
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.
CVE-2016-3625 1 Libtiff 1 Libtiff 2018-10-30 4.3 MEDIUM 6.5 MEDIUM
tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
CVE-2016-3631 1 Libtiff 1 Libtiff 2018-10-30 5.0 MEDIUM 7.5 HIGH
The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the bytecounts[] array variable.
CVE-2016-3632 2 Libtiff, Oracle 2 Libtiff, Vm Server 2018-10-30 6.8 MEDIUM 7.8 HIGH
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image.
CVE-2016-3633 1 Libtiff 1 Libtiff 2018-10-30 5.0 MEDIUM 7.5 HIGH
The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable.
CVE-2016-3634 1 Libtiff 1 Libtiff 2018-10-30 5.0 MEDIUM 7.5 HIGH
The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to field_tag matching.
CVE-2016-3658 1 Libtiff 1 Libtiff 2018-10-30 5.0 MEDIUM 7.5 HIGH
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable.
CVE-2016-3990 2 Libtiff, Oracle 2 Libtiff, Vm Server 2018-10-30 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp.
CVE-2016-3991 2 Libtiff, Oracle 2 Libtiff, Vm Server 2018-10-30 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles.
CVE-2016-5316 3 Libtiff, Opensuse, Opensuse Project 3 Libtiff, Opensuse, Leap 2018-10-30 4.3 MEDIUM 6.5 MEDIUM
Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.
CVE-2016-5317 3 Libtiff, Opensuse, Opensuse Project 3 Libtiff, Opensuse, Leap 2018-10-30 4.3 MEDIUM 6.5 MEDIUM
Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file.
CVE-2016-5321 2 Libtiff, Opensuse 2 Libtiff, Opensuse 2018-10-30 4.3 MEDIUM 6.5 MEDIUM
The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image.
CVE-2016-5323 2 Libtiff, Opensuse 2 Libtiff, Opensuse 2018-10-30 5.0 MEDIUM 7.5 HIGH
The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image.