Filtered by vendor Libtiff
Subscribe
Total
227 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-3463 | 1 Libtiff | 1 Libtiff | 2017-10-10 | 7.8 HIGH | N/A |
| The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, which triggers an infinite loop. | |||||
| CVE-2006-3465 | 1 Libtiff | 1 Libtiff | 2017-10-10 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors. | |||||
| CVE-2004-0803 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2017-10-10 | 7.5 HIGH | N/A |
| Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. | |||||
| CVE-2004-0886 | 9 Apple, Kde, Libtiff and 6 more | 13 Mac Os X, Mac Os X Server, Kde and 10 more | 2017-10-10 | 5.0 MEDIUM | N/A |
| Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. | |||||
| CVE-2004-1183 | 1 Libtiff | 1 Libtiff | 2017-10-10 | 5.1 MEDIUM | N/A |
| Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file. | |||||
| CVE-2004-1308 | 1 Libtiff | 1 Libtiff | 2017-10-10 | 10.0 HIGH | N/A |
| Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow. | |||||
| CVE-2016-3621 | 1 Libtiff | 1 Libtiff | 2017-09-02 | 6.8 MEDIUM | 8.8 HIGH |
| The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image. | |||||
| CVE-2016-3620 | 1 Libtiff | 1 Libtiff | 2017-09-02 | 5.0 MEDIUM | 7.5 HIGH |
| The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image. | |||||
| CVE-2016-3619 | 1 Libtiff | 1 Libtiff | 2017-09-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image. | |||||
| CVE-2006-0405 | 1 Libtiff | 1 Libtiff | 2017-07-19 | 5.0 MEDIUM | N/A |
| The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function. | |||||
| CVE-2005-1544 | 1 Libtiff | 1 Libtiff | 2017-07-10 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag. | |||||
| CVE-2004-0929 | 2 Libtiff, Suse | 2 Libtiff, Suse Linux | 2017-07-10 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the OJPEGVSetField function in tif_ojpeg.c for libtiff 3.6.1 and earlier, when compiled with the OJPEG_SUPPORT (old JPEG support) option, allows remote attackers to execute arbitrary code via a malformed TIFF image. | |||||
| CVE-2016-5319 | 1 Libtiff | 1 Libtiff | 2017-06-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file. | |||||
| CVE-2016-5322 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2017-04-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | |||||
| CVE-2016-10271 | 1 Libtiff | 1 Libtiff | 2017-03-30 | 6.8 MEDIUM | 7.8 HIGH |
| tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13. | |||||
| CVE-2016-10272 | 1 Libtiff | 1 Libtiff | 2017-03-30 | 6.8 MEDIUM | 7.8 HIGH |
| LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9. | |||||
| CVE-2015-7313 | 1 Libtiff | 1 Libtiff | 2017-03-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| LibTIFF allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file. | |||||
| CVE-2016-5315 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2017-03-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. | |||||
| CVE-2016-9532 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2017-02-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file. | |||||
| CVE-2016-9539 | 1 Libtiff | 1 Libtiff | 2016-12-09 | 7.5 HIGH | 9.8 CRITICAL |
| tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092. | |||||