rpm package
opensuse/tiff&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/tiff&distro=openSUSE%20Tumbleweed
Vulnerabilities (157)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-1960 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | Jul 3, 2013 | Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file. |
| CVE-2012-4564 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | Nov 11, 2012 | ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based |
| CVE-2012-3401 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | Aug 13, 2012 | The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute |
| CVE-2012-2113 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | Jul 22, 2012 | Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. |
| CVE-2012-1173 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | Jun 4, 2012 | Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow |
| CVE-2010-4665 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | May 3, 2011 | Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with m |
| CVE-2011-1167 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | Mar 28, 2011 | Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value. |
| CVE-2011-0192 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | Mar 3, 2011 | Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet |
| CVE-2010-2233 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | Jul 2, 2010 | tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to |
| CVE-2010-2067 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | Jun 24, 2010 | Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file. |
| CVE-2010-2065 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | Jun 24, 2010 | Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow. |
| CVE-2009-2347 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | Jul 14, 2009 | Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the |
| CVE-2009-2285 | — | | | < 4.0.7-1.1 | 4.0.7-1.1 | Jul 1, 2009 | Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327. |
| CVE-2008-1586 | — | | | < 4.3.0-1.3 | 4.3.0-1.3 | Nov 25, 2008 | ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allow remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image. |
| CVE-2008-2327 | — | | | < 4.3.0-1.3 | 4.3.0-1.3 | Aug 27, 2008 | Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling o |
| CVE-2006-2656 | — | | | < 4.3.0-1.3 | 4.3.0-1.3 | May 30, 2006 | Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is called with attacker-controlled |
| CVE-2006-0405 | — | | | < 4.3.0-1.3 | 4.3.0-1.3 | Jan 25, 2006 | The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField func |