LibTIFF

All CVEs

269 total · sorted by risk
  • CVE-2016-9297 · High · Jan 18, 2017
    risk 0.49 · cvss 7.5 · epss 0.06

    The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII tag values.

  • CVE-2016-3658 · High · Oct 3, 2016
    risk 0.49 · cvss 7.5 · epss 0.04

    The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable.

  • CVE-2016-3634 · High · Oct 3, 2016
    risk 0.49 · cvss 7.5 · epss 0.02

    The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to field_tag matching.

  • CVE-2016-3633 · High · Oct 3, 2016
    risk 0.49 · cvss 7.5 · epss 0.02

    The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable.

  • CVE-2016-3631 · High · Oct 3, 2016
    risk 0.49 · cvss 7.5 · epss 0.03

    The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the bytecounts[] array variable.

  • CVE-2016-3624 · High · Oct 3, 2016
    risk 0.49 · cvss 7.5 · epss 0.04

    The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1.

  • CVE-2016-3623 · High · Oct 3, 2016
    risk 0.49 · cvss 7.5 · epss 0.06

    The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.

  • CVE-2016-3620 · High · Oct 3, 2016
    risk 0.49 · cvss 7.5 · epss 0.03

    The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.

  • CVE-2015-8870 · High · Dec 6, 2016
    risk 0.48 · cvss 7.4 · epss 0.02

    Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file.

  • CVE-2017-9936 · Medium · Jun 26, 2017
    risk 0.46 · cvss 6.5 · epss 0.07

    In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack.

  • CVE-2017-9147 · Medium · May 22, 2017
    risk 0.46 · cvss 6.5 · epss 0.07

    LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service (crash) via a crafted TIFF file.

  • CVE-2016-5652 · High · Jan 6, 2017
    risk 0.46 · cvss 7.0 · epss 0.04

    An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by…

  • CVE-2016-10272 · High · Mar 24, 2017
    risk 0.44 · cvss 7.8 · epss 0.02

    LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "WRITE of size 2048" and libtiff/tif_next.c:64:9.

  • CVE-2016-10271 · High · Mar 24, 2017
    risk 0.44 · cvss 7.8 · epss 0.02

    tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 1" and libtiff/tif_fax3.c:413:13.

  • CVE-2016-10270 · High · Mar 24, 2017
    risk 0.44 · cvss 7.8 · epss 0.02

    LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 8" and libtiff/tif_read.c:523:22.

  • CVE-2016-10269 · High · Mar 24, 2017
    risk 0.44 · cvss 7.8 · epss 0.02

    LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image,…

  • CVE-2016-10268 · High · Mar 24, 2017
    risk 0.44 · cvss 7.8 · epss 0.02

    tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23.

  • CVE-2016-10094 · High · Mar 1, 2017
    risk 0.44 · cvss 7.8 · epss 0.02

    Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image.

  • CVE-2016-10093 · High · Mar 1, 2017
    risk 0.44 · cvss 7.8 · epss 0.02

    Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image, which…

  • CVE-2016-10092 · High · Mar 1, 2017
    risk 0.44 · cvss 7.8 · epss 0.02

    Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to…

  • CVE-2018-17000 · Medium · Sep 13, 2018
    risk 0.43 · cvss 6.5 · epss 0.03

    A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.

  • CVE-2018-10963 · Medium · May 10, 2018
    risk 0.43 · cvss 6.5 · epss 0.04

    The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.

  • CVE-2014-8127 · Medium · Jun 26, 2017
    risk 0.43 · cvss 6.5 · epss 0.06

    LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3)…

  • CVE-2016-5319 · Medium · Jan 20, 2017
    risk 0.43 · cvss 6.5 · epss 0.04

    Heap-based buffer overflow in tif_packbits.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted bmp file.

  • CVE-2016-5318 · Medium · Jan 20, 2017
    risk 0.43 · cvss 6.5 · epss 0.05

    Stack-based buffer overflow in the _TIFFVGetField function in libtiff 4.0.6 and earlier allows remote attackers to crash the application via a crafted tiff.

  • CVE-2016-3622 · Medium · Oct 3, 2016
    risk 0.43 · cvss 6.5 · epss 0.04

    The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image.

  • CVE-2015-1547 · Medium · Apr 13, 2016
    risk 0.43 · cvss 6.5 · epss 0.03

    The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.

  • CVE-2018-10801 · Medium · May 8, 2018
    risk 0.42 · cvss 6.5 · epss 0.01

    TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff.

  • CVE-2018-10779 · Medium · May 7, 2018
    risk 0.42 · cvss 6.5 · epss 0.03

    TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.

  • CVE-2018-7456 · Medium · Feb 24, 2018
    risk 0.42 · cvss 6.5 · epss 0.03

    A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the…

  • CVE-2018-5784 · Medium · Jan 19, 2018
    risk 0.42 · cvss 6.5 · epss 0.03

    In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is…

  • CVE-2017-18013 · Medium · Jan 1, 2018
    risk 0.42 · cvss 6.5 · epss 0.03

    In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.

  • CVE-2017-13727 · Medium · Aug 29, 2017
    risk 0.42 · cvss 6.5 · epss 0.02

    There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.

  • CVE-2017-13726 · Medium · Aug 29, 2017
    risk 0.42 · cvss 6.5 · epss 0.03

    There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.

  • CVE-2017-11613 · Medium · Jul 26, 2017
    risk 0.42 · cvss 6.5 · epss 0.03

    In LibTIFF 4.0.8, there is a denial of service vulnerability in the TIFFOpen function. A crafted input will lead to a denial of service attack. During the TIFFOpen process, td_imagelength is not checked. The value of td_imagelength can be directly controlled by an input file. In…

  • CVE-2017-9937 · Medium · Jun 26, 2017
    risk 0.42 · cvss 6.5 · epss 0.03

    In LibTIFF 4.0.8, there is a memory malloc failure in tif_jbig.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack.

  • CVE-2017-9815 · Medium · Jun 22, 2017
    risk 0.42 · cvss 6.5 · epss 0.02

    In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file.

  • CVE-2017-9404 · Medium · Jun 2, 2017
    risk 0.42 · cvss 6.5 · epss 0.01

    In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tif_ojpeg.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2017-9403 · Medium · Jun 2, 2017
    risk 0.42 · cvss 6.5 · epss 0.01

    In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows attackers to cause a denial of service via a crafted file.

  • CVE-2016-5321 · Medium · Jan 20, 2017
    risk 0.42 · cvss 6.5 · epss 0.03

    The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service (invalid read and crash) via a crafted tiff image.

  • CVE-2016-5317 · Medium · Jan 20, 2017
    risk 0.42 · cvss 6.5 · epss 0.02

    Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file.

  • CVE-2016-5316 · Medium · Jan 20, 2017
    risk 0.42 · cvss 6.5 · epss 0.02

    Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool.

  • CVE-2016-3625 · Medium · Oct 3, 2016
    risk 0.42 · cvss 6.5 · epss 0.02

    tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.

  • CVE-2016-3619 · Medium · Oct 3, 2016
    risk 0.42 · cvss 6.5 · epss 0.02

    The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.

  • CVE-2014-9655 · Medium · Apr 13, 2016
    risk 0.42 · cvss 6.5 · epss 0.03

    The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif.

  • CVE-2015-8783 · Medium · Feb 1, 2016
    risk 0.42 · cvss 6.5 · epss 0.03

    tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image.

  • CVE-2015-8782 · Medium · Feb 1, 2016
    risk 0.42 · cvss 6.5 · epss 0.03

    tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.

  • CVE-2015-8781 · Medium · Feb 1, 2016
    risk 0.42 · cvss 6.5 · epss 0.03

    tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.

  • CVE-2016-3186 · Medium · Apr 19, 2016
    risk 0.40 · cvss 6.2 · epss 0.02

    Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.

  • CVE-2014-8130 · Medium · Mar 12, 2018
    risk 0.36 · cvss 6.5 · epss 0.04

    The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in…

Page 2 of 6