rpm package
suse/tiff&distro=SUSE Linux Enterprise Server 11 SP3
pkg:rpm/suse/tiff&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-8128 | — | < 3.8.2-141.160.1 | 3.8.2-141.160.1 | Feb 12, 2020 | LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image. | ||
| CVE-2014-8130 | Med | 6.5 | < 3.8.2-141.160.1 | 3.8.2-141.160.1 | Mar 12, 2018 | The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write. | |
| CVE-2014-8129 | Hig | 8.8 | < 3.8.2-141.160.1 | 3.8.2-141.160.1 | Mar 12, 2018 | LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsi | |
| CVE-2014-8127 | Med | 6.5 | < 3.8.2-141.160.1 | 3.8.2-141.160.1 | Jun 26, 2017 | LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCI | |
| CVE-2014-9655 | Med | 6.5 | < 3.8.2-141.160.1 | 3.8.2-141.160.1 | Apr 13, 2016 | The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif. |
- CVE-2014-8128Feb 12, 2020affected < 3.8.2-141.160.1fixed 3.8.2-141.160.1
LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image.
- affected < 3.8.2-141.160.1fixed 3.8.2-141.160.1
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.
- affected < 3.8.2-141.160.1fixed 3.8.2-141.160.1
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsi
- affected < 3.8.2-141.160.1fixed 3.8.2-141.160.1
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCI
- affected < 3.8.2-141.160.1fixed 3.8.2-141.160.1
The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif.