VYPR

rpm package

suse/tiff&distro=SUSE Linux Enterprise Point of Sale 11 SP3

pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3

Vulnerabilities (8)

  • CVE-2020-35524Mar 9, 2021
    affected < 3.8.2-141.169.34.1fixed 3.8.2-141.169.34.1

    A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system ava

  • CVE-2020-35523Mar 9, 2021
    affected < 3.8.2-141.169.34.1fixed 3.8.2-141.169.34.1

    An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as s

  • CVE-2020-35522Mar 9, 2021
    affected < 3.8.2-141.169.34.1fixed 3.8.2-141.169.34.1

    In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.

  • CVE-2020-35521Mar 9, 2021
    affected < 3.8.2-141.169.34.1fixed 3.8.2-141.169.34.1

    A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.

  • CVE-2019-6128Jan 11, 2019
    affected < 3.8.2-141.169.31.1fixed 3.8.2-141.169.31.1

    The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.

  • CVE-2016-5102MedFeb 6, 2017
    affected < 3.8.2-141.169.31.1fixed 3.8.2-141.169.31.1

    Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file.

  • CVE-2015-8683MedApr 13, 2016
    affected < 3.8.2-141.169.34.1fixed 3.8.2-141.169.34.1

    The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image.

  • CVE-2015-8665MedApr 13, 2016
    affected < 3.8.2-141.169.34.1fixed 3.8.2-141.169.34.1

    tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image.