Search Results (Refine Search)
- CPE Product Version: cpe:/a:libtiff:libtiff:3.9.0
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-8781 |
tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782. Published: February 01, 2016; 4:59:01 PM -0500 |
V3.1: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2015-8668 |
Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image. Published: January 08, 2016; 2:59:18 PM -0500 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2013-4231 |
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c. NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size. Published: January 19, 2014; 12:16:28 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2013-4244 |
The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image. Published: September 28, 2013; 3:55:03 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-4243 |
Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image. Published: September 10, 2013; 3:55:11 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-5581 |
Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image. Published: January 04, 2013; 5:55:02 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-4564 |
ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow. Published: November 11, 2012; 8:00:58 AM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-4447 |
Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format. Published: October 28, 2012; 11:55:01 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-3401 |
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow. Published: August 13, 2012; 4:55:08 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-2113 |
Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. Published: July 22, 2012; 1:55:01 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-2088 |
Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow. Published: July 22, 2012; 1:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2010-4665 |
Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries. Published: May 03, 2011; 4:55:04 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-5022 |
Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file. Published: May 03, 2011; 4:55:04 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2011-1167 |
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value. Published: March 28, 2011; 12:55:04 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2010-2631 |
LibTIFF 3.9.0 ignores tags in certain situations during the first stage of TIFF file processing and does not properly handle this during the second stage, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481. Published: July 06, 2010; 1:17:20 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2010-2630 |
The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-specific tags that have an out-of-order position in a TIFF file, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481. Published: July 06, 2010; 1:17:20 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2010-2483 |
The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values. Published: July 06, 2010; 1:17:13 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2010-2482 |
LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443. Published: July 06, 2010; 1:17:13 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2010-2481 |
The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file. Published: July 06, 2010; 1:17:13 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2010-2597 |
The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler optimization that triggers a divide-by-zero error. Published: July 02, 2010; 8:43:53 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |