VYPR

Libtiff

by LibTIFF

Source repositories

CVEs (269)

  • CVE-2016-10371MedMay 10, 2017
    risk 0.36cvss 5.5epss 0.01

    The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF file.

  • CVE-2016-5322MedApr 11, 2017
    risk 0.36cvss 5.5epss 0.02

    The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.

  • CVE-2017-7595MedApr 9, 2017
    risk 0.36cvss 5.5epss 0.01

    The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.

  • CVE-2017-7594MedApr 9, 2017
    risk 0.36cvss 5.5epss 0.02

    The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.

  • CVE-2017-7593MedApr 9, 2017
    risk 0.36cvss 5.5epss 0.02

    tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image.

  • CVE-2015-7313MedMar 17, 2017
    risk 0.36cvss 5.5epss 0.02

    LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file.

  • CVE-2016-5315MedMar 7, 2017
    risk 0.36cvss 5.5epss 0.02

    The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image.

  • CVE-2016-10095MedMar 1, 2017
    risk 0.36cvss 5.5epss 0.03

    Stack-based buffer overflow in the _TIFFVGetField function in tif_dir.c in LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7 and 4.0.8 allows remote attackers to cause a denial of service (crash) via a…

  • CVE-2016-9532MedFeb 6, 2017
    risk 0.36cvss 5.5epss 0.02

    Integer overflow in the writeBufferToSeparateStrips function in tiffcrop.c in LibTIFF before 4.0.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tif file.

  • CVE-2016-5102MedFeb 6, 2017
    risk 0.36cvss 5.5epss 0.02

    Buffer overflow in the readgifimage function in gif2tiff.c in the gif2tiff tool in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (segmentation fault) via a crafted gif file.

  • CVE-2016-9273MedJan 18, 2017
    risk 0.36cvss 5.5epss 0.04

    tiffsplit in libtiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file, related to changing td_nstrips in TIFF_STRIPCHOP mode.

  • CVE-2015-8784MedApr 13, 2016
    risk 0.36cvss 6.5epss 0.04

    The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif.

  • CVE-2015-8683MedApr 13, 2016
    risk 0.36cvss 5.5epss 0.03

    The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a packed TIFF image.

  • CVE-2015-8665MedApr 13, 2016
    risk 0.36cvss 5.5epss 0.03

    tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via the SamplesPerPixel tag in a TIFF image.

  • CVE-2025-8176MedJul 26, 2025
    risk 0.34cvss 5.3epss 0.00

    A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as critical. This vulnerability affects the function get_histogram of the file tools/tiffmedian.c. The manipulation leads to use after free. The attack needs to be approached locally. The exploit has been…

  • CVE-2016-10267MedMar 24, 2017
    risk 0.29cvss 5.5epss 0.02

    LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8.

  • CVE-2016-10266MedMar 24, 2017
    risk 0.29cvss 5.5epss 0.02

    LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22.

  • CVE-2017-9117MedMay 21, 2017
    risk 0.26cvss 4.0epss 0.02

    In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not…

  • CVE-2025-8961LowAug 14, 2025
    risk 0.21cvss 3.3epss 0.00

    A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and…

  • CVE-2025-9165LowAug 19, 2025
    risk 0.16cvss 2.5epss 0.00

    A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. This…

Page 6 of 14