rpm package
suse/tiff&distro=SUSE Linux Enterprise Point of Sale 11 SP3
pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-35524 | — | < 3.8.2-141.169.34.1 | 3.8.2-141.169.34.1 | Mar 9, 2021 | A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system ava | ||
| CVE-2020-35523 | — | < 3.8.2-141.169.34.1 | 3.8.2-141.169.34.1 | Mar 9, 2021 | An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as s | ||
| CVE-2020-35522 | — | < 3.8.2-141.169.34.1 | 3.8.2-141.169.34.1 | Mar 9, 2021 | In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack. | ||
| CVE-2020-35521 | — | < 3.8.2-141.169.34.1 | 3.8.2-141.169.34.1 | Mar 9, 2021 | A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service. | ||
| CVE-2019-6128 | — | < 3.8.2-141.169.31.1 | 3.8.2-141.169.31.1 | Jan 11, 2019 | The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. | ||
| CVE-2016-5102 | Med | 5.5 | < 3.8.2-141.169.31.1 | 3.8.2-141.169.31.1 | Feb 6, 2017 | Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file. | |
| CVE-2015-8683 | Med | 5.5 | < 3.8.2-141.169.34.1 | 3.8.2-141.169.34.1 | Apr 13, 2016 | The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image. | |
| CVE-2015-8665 | Med | 5.5 | < 3.8.2-141.169.34.1 | 3.8.2-141.169.34.1 | Apr 13, 2016 | tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image. |
- CVE-2020-35524Mar 9, 2021affected < 3.8.2-141.169.34.1fixed 3.8.2-141.169.34.1
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system ava
- CVE-2020-35523Mar 9, 2021affected < 3.8.2-141.169.34.1fixed 3.8.2-141.169.34.1
An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as s
- CVE-2020-35522Mar 9, 2021affected < 3.8.2-141.169.34.1fixed 3.8.2-141.169.34.1
In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.
- CVE-2020-35521Mar 9, 2021affected < 3.8.2-141.169.34.1fixed 3.8.2-141.169.34.1
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.
- CVE-2019-6128Jan 11, 2019affected < 3.8.2-141.169.31.1fixed 3.8.2-141.169.31.1
The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.
- affected < 3.8.2-141.169.31.1fixed 3.8.2-141.169.31.1
Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file.
- affected < 3.8.2-141.169.34.1fixed 3.8.2-141.169.34.1
The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image.
- affected < 3.8.2-141.169.34.1fixed 3.8.2-141.169.34.1
tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image.