Filtered by vendor Libtiff
Subscriptions
Filtered by product Libtiff
Subscriptions
Total
251 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-9403 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2024-11-21 | N/A |
| In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows attackers to cause a denial of service via a crafted file. | ||||
| CVE-2017-9147 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service (crash) via a crafted TIFF file. | ||||
| CVE-2017-9117 | 2 Canonical, Libtiff | 2 Ubuntu Linux, Libtiff | 2024-11-21 | N/A |
| In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp2tiff. | ||||
| CVE-2017-7602 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | ||||
| CVE-2017-7601 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| LibTIFF 4.0.7 has a "shift exponent too large for 64-bit type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | ||||
| CVE-2017-7600 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| LibTIFF 4.0.7 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | ||||
| CVE-2017-7599 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| LibTIFF 4.0.7 has an "outside the range of representable values of type short" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | ||||
| CVE-2017-7598 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. | ||||
| CVE-2017-7597 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | ||||
| CVE-2017-7596 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | ||||
| CVE-2017-7595 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. | ||||
| CVE-2017-7594 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image. | ||||
| CVE-2017-7593 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image. | ||||
| CVE-2017-7592 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | ||||
| CVE-2017-5563 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff. | ||||
| CVE-2017-5225 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. | ||||
| CVE-2017-18013 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. | ||||
| CVE-2017-17973 | 1 Libtiff | 1 Libtiff | 2024-11-21 | 8.8 High |
| In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue | ||||
| CVE-2017-17942 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c. | ||||
| CVE-2017-17095 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A |
| tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file. | ||||