Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Libtiff Subscribe
Total 227 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-9448 2 Libtiff, Opensuse 2 Libtiff, Opensuse 2018-10-30 5.0 MEDIUM 7.5 HIGH
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297.
CVE-2004-1307 10 Apple, Avaya, Conectiva and 7 more 19 Mac Os X, Mac Os X Server, Call Management System Server and 16 more 2018-10-30 7.5 HIGH N/A
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
CVE-2008-2327 1 Libtiff 1 Libtiff 2018-10-11 6.8 MEDIUM N/A
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.
CVE-2009-2347 1 Libtiff 1 Libtiff 2018-10-10 9.3 HIGH N/A
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.
CVE-2009-2285 1 Libtiff 1 Libtiff 2018-10-03 4.3 MEDIUM N/A
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.
CVE-2006-2193 1 Libtiff 1 Libtiff 2018-10-03 7.5 HIGH N/A
Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call.
CVE-2006-2024 1 Libtiff 1 Libtiff 2018-10-03 4.0 MEDIUM N/A
Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain "codec cleanup methods" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c.
CVE-2006-2025 1 Libtiff 1 Libtiff 2018-10-03 6.5 MEDIUM N/A
Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image.
CVE-2006-2026 1 Libtiff 1 Libtiff 2018-10-03 6.5 MEDIUM N/A
Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions."
CVE-2006-2120 1 Libtiff 1 Libtiff 2018-10-03 2.1 LOW N/A
The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.
CVE-2005-2452 1 Libtiff 1 Libtiff 2018-10-03 5.0 MEDIUM N/A
libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero "YCbCr subsampling" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804.
CVE-2014-8130 3 Apple, Libtiff, Redhat 9 Iphone Os, Mac Os X, Libtiff and 6 more 2018-04-05 4.3 MEDIUM 6.5 MEDIUM
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.
CVE-2016-5314 4 Debian, Libtiff, Opensuse and 1 more 5 Debian Linux, Libtiff, Leap and 2 more 2018-04-05 6.8 MEDIUM 8.8 HIGH
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.
CVE-2017-18013 1 Libtiff 1 Libtiff 2018-03-27 4.3 MEDIUM 6.5 MEDIUM
In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.
CVE-2017-9147 1 Libtiff 1 Libtiff 2018-03-27 4.3 MEDIUM 6.5 MEDIUM
LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service (crash) via a crafted TIFF file.
CVE-2016-5102 1 Libtiff 1 Libtiff 2018-03-27 4.3 MEDIUM 5.5 MEDIUM
Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file.
CVE-2016-5318 1 Libtiff 1 Libtiff 2018-03-27 4.3 MEDIUM 6.5 MEDIUM
Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff.
CVE-2016-10268 1 Libtiff 1 Libtiff 2018-03-21 6.8 MEDIUM 7.8 HIGH
tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23.
CVE-2017-7602 1 Libtiff 1 Libtiff 2018-03-21 6.8 MEDIUM 7.8 HIGH
LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.
CVE-2017-7601 1 Libtiff 1 Libtiff 2018-03-21 6.8 MEDIUM 7.8 HIGH
LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.