Total
227 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-7600 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 6.8 MEDIUM | 7.8 HIGH |
LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2017-7599 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 6.8 MEDIUM | 7.8 HIGH |
LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2017-7598 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 4.3 MEDIUM | 7.8 HIGH |
tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. | |||||
CVE-2017-7597 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 6.8 MEDIUM | 7.8 HIGH |
tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2017-7596 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 6.8 MEDIUM | 7.8 HIGH |
LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2017-7595 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 4.3 MEDIUM | 5.5 MEDIUM |
The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. | |||||
CVE-2017-7593 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 4.3 MEDIUM | 5.5 MEDIUM |
tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image. | |||||
CVE-2017-7592 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 6.8 MEDIUM | 7.8 HIGH |
The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
CVE-2017-11335 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 6.8 MEDIUM | 8.8 HIGH |
There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack. | |||||
CVE-2017-10688 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 5.0 MEDIUM | 7.5 HIGH |
In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. A crafted input will lead to a remote denial of service attack. | |||||
CVE-2016-10371 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 4.3 MEDIUM | 5.5 MEDIUM |
The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF file. | |||||
CVE-2016-10267 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 4.3 MEDIUM | 5.5 MEDIUM |
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. | |||||
CVE-2016-10266 | 1 Libtiff | 1 Libtiff | 2018-03-21 | 4.3 MEDIUM | 5.5 MEDIUM |
LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22. | |||||
CVE-2017-17973 | 1 Libtiff | 1 Libtiff | 2018-02-11 | 6.8 MEDIUM | 8.8 HIGH |
** DISPUTED ** In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue. | |||||
CVE-2016-5652 | 1 Libtiff | 1 Libtiff | 2018-01-04 | 6.8 MEDIUM | 7.0 HIGH |
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means. | |||||
CVE-2016-9540 | 1 Libtiff | 1 Libtiff | 2018-01-04 | 7.5 HIGH | 9.8 CRITICAL |
tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow." | |||||
CVE-2016-9537 | 1 Libtiff | 1 Libtiff | 2018-01-04 | 7.5 HIGH | 9.8 CRITICAL |
tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. Reported as MSVR 35093, MSVR 35096, and MSVR 35097. | |||||
CVE-2016-9536 | 1 Libtiff | 1 Libtiff | 2018-01-04 | 7.5 HIGH | 9.8 CRITICAL |
tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow." | |||||
CVE-2016-9535 | 1 Libtiff | 1 Libtiff | 2018-01-04 | 7.5 HIGH | 9.8 CRITICAL |
tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow." | |||||
CVE-2016-9533 | 1 Libtiff | 1 Libtiff | 2018-01-04 | 7.5 HIGH | 9.8 CRITICAL |
tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka "PixarLog horizontalDifference heap-buffer-overflow." |