rpm package
suse/tiff&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Vulnerabilities (70)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-10092 | Hig | 7.8 | < 3.8.2-141.169.26.1 | 3.8.2-141.169.26.1 | Mar 1, 2017 | Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to hav | |
| CVE-2016-5102 | Med | 5.5 | < 3.8.2-141.169.31.1 | 3.8.2-141.169.31.1 | Feb 6, 2017 | Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file. | |
| CVE-2016-9453 | Hig | 7.8 | < 3.8.2-141.169.3.1 | 3.8.2-141.169.3.1 | Jan 27, 2017 | The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one. | |
| CVE-2016-5319 | Med | 6.5 | < 3.8.2-141.169.16.1 | 3.8.2-141.169.16.1 | Jan 20, 2017 | Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file. | |
| CVE-2016-5318 | Med | 6.5 | < 3.8.2-141.169.3.1 | 3.8.2-141.169.3.1 | Jan 20, 2017 | Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff. | |
| CVE-2016-5317 | Med | 6.5 | < 3.8.2-141.168.1 | 3.8.2-141.168.1 | Jan 20, 2017 | Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file. | |
| CVE-2016-5316 | Med | 6.5 | < 3.8.2-141.168.1 | 3.8.2-141.168.1 | Jan 20, 2017 | Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. | |
| CVE-2016-9273 | Med | 5.5 | < 3.8.2-141.169.22.1 | 3.8.2-141.169.22.1 | Jan 18, 2017 | tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode. | |
| CVE-2017-5225 | Hig | 8.8 | < 3.8.2-141.169.9.1 | 3.8.2-141.169.9.1 | Jan 12, 2017 | LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. | |
| CVE-2016-5652 | Hig | 7.0 | < 3.8.2-141.169.3.1 | 3.8.2-141.169.3.1 | Jan 6, 2017 | An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other | |
| CVE-2015-8870 | Hig | 7.4 | < 3.8.2-141.169.22.1 | 3.8.2-141.169.22.1 | Dec 6, 2016 | Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file. | |
| CVE-2016-9540 | Cri | 9.8 | < 3.8.2-141.169.9.1 | 3.8.2-141.169.9.1 | Nov 22, 2016 | tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow." | |
| CVE-2016-9536 | Cri | 9.8 | < 3.8.2-141.169.3.1 | 3.8.2-141.169.3.1 | Nov 22, 2016 | tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow." | |
| CVE-2016-9535 | Cri | 9.8 | < 3.8.2-141.169.9.1 | 3.8.2-141.169.9.1 | Nov 22, 2016 | tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow." | |
| CVE-2016-8331 | Hig | 8.1 | < 3.8.2-141.169.9.1 | 3.8.2-141.169.9.1 | Oct 28, 2016 | An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered | |
| CVE-2016-3623 | Hig | 7.5 | < 3.8.2-141.168.1 | 3.8.2-141.168.1 | Oct 3, 2016 | The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0. | |
| CVE-2016-3622 | Med | 6.5 | < 3.8.2-141.168.1 | 3.8.2-141.168.1 | Oct 3, 2016 | The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image. | |
| CVE-2016-3621 | Hig | 8.8 | < 3.8.2-141.169.22.1 | 3.8.2-141.169.22.1 | Oct 3, 2016 | The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image. | |
| CVE-2016-3620 | Hig | 7.5 | < 3.8.2-141.169.22.1 | 3.8.2-141.169.22.1 | Oct 3, 2016 | The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image. | |
| CVE-2016-3619 | Med | 6.5 | < 3.8.2-141.169.22.1 | 3.8.2-141.169.22.1 | Oct 3, 2016 | The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image. |
- affected < 3.8.2-141.169.26.1fixed 3.8.2-141.169.26.1
Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to hav
- affected < 3.8.2-141.169.31.1fixed 3.8.2-141.169.31.1
Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file.
- affected < 3.8.2-141.169.3.1fixed 3.8.2-141.169.3.1
The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one.
- affected < 3.8.2-141.169.16.1fixed 3.8.2-141.169.16.1
Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file.
- affected < 3.8.2-141.169.3.1fixed 3.8.2-141.169.3.1
Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff.
- affected < 3.8.2-141.168.1fixed 3.8.2-141.168.1
Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file.
- affected < 3.8.2-141.168.1fixed 3.8.2-141.168.1
Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.
- affected < 3.8.2-141.169.22.1fixed 3.8.2-141.169.22.1
tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode.
- affected < 3.8.2-141.169.9.1fixed 3.8.2-141.169.9.1
LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.
- affected < 3.8.2-141.169.3.1fixed 3.8.2-141.169.3.1
An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other
- affected < 3.8.2-141.169.22.1fixed 3.8.2-141.169.22.1
Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file.
- affected < 3.8.2-141.169.9.1fixed 3.8.2-141.169.9.1
tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."
- affected < 3.8.2-141.169.3.1fixed 3.8.2-141.169.3.1
tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow."
- affected < 3.8.2-141.169.9.1fixed 3.8.2-141.169.9.1
tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow."
- affected < 3.8.2-141.169.9.1fixed 3.8.2-141.169.9.1
An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered
- affected < 3.8.2-141.168.1fixed 3.8.2-141.168.1
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.
- affected < 3.8.2-141.168.1fixed 3.8.2-141.168.1
The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image.
- affected < 3.8.2-141.169.22.1fixed 3.8.2-141.169.22.1
The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
- affected < 3.8.2-141.169.22.1fixed 3.8.2-141.169.22.1
The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
- affected < 3.8.2-141.169.22.1fixed 3.8.2-141.169.22.1
The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
Page 3 of 4