VYPR

rpm package

suse/tiff&distro=SUSE Linux Enterprise Desktop 11 SP4

pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4

Vulnerabilities (9)

  • CVE-2014-8128Feb 12, 2020
    affected < 3.8.2-141.160.1fixed 3.8.2-141.160.1

    LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image.

  • CVE-2014-8130MedMar 12, 2018
    affected < 3.8.2-141.160.1fixed 3.8.2-141.160.1

    The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.

  • CVE-2014-8129HigMar 12, 2018
    affected < 3.8.2-141.160.1fixed 3.8.2-141.160.1

    LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsi

  • CVE-2014-8127MedJun 26, 2017
    affected < 3.8.2-141.160.1fixed 3.8.2-141.160.1

    LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCI

  • CVE-2014-9655MedApr 13, 2016
    affected < 3.8.2-141.160.1fixed 3.8.2-141.160.1

    The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif.

  • CVE-2015-8783MedFeb 1, 2016
    affected < 3.8.2-141.163.1fixed 3.8.2-141.163.1

    tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image.

  • CVE-2015-8782MedFeb 1, 2016
    affected < 3.8.2-141.163.1fixed 3.8.2-141.163.1

    tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.

  • CVE-2015-8781MedFeb 1, 2016
    affected < 3.8.2-141.163.1fixed 3.8.2-141.163.1

    tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.

  • CVE-2015-7554CriJan 8, 2016
    affected < 3.8.2-141.163.1fixed 3.8.2-141.163.1

    The _TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image.