CVSS: 8.8EPSS: 1%CPEs: 11EXPL: 2CVE-2018-8905 – libtiff: heap-based buffer overflow in tif_lzw.c:LZWDecodeCompat() allows for denial of service
https://notcve.org/view.php?id=CVE-2018-8905
22 Mar 2018 — In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps. En LibTIFF 4.0.9, ocurre un desbordamiento de búfer basado en memoria dinámica (heap) en la función LZWDecodeCompat en tif_lzw.c mediante un archivo TIFF. Esto se demuestra por tiff2ps. The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, code execution, denial of servi... • http://bugzilla.maptools.org/show_bug.cgi?id=2780 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 2CVE-2018-7456 – libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service
https://notcve.org/view.php?id=CVE-2018-7456
24 Feb 2018 — A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. (This affects an earlier part of the TIFFPrintDirectory function that was not addressed by the CVE-2017-18013 patch.) Una desreferencia d... • http://bugzilla.maptools.org/show_bug.cgi?id=2778 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 1CVE-2018-5784 – Debian Security Advisory 4349-1
https://notcve.org/view.php?id=CVE-2018-5784
19 Jan 2018 — In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries. En LibTIFF 4.0.9, hay un consumo no controlado de recursos en la función TIFFSetDirectory de tif_dir.c. Los atacantes remotos pueden aprovechar esta vulnerabilidad para pr... • http://bugzilla.maptools.org/show_bug.cgi?id=2772 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2018-5360
https://notcve.org/view.php?id=CVE-2018-5360
14 Jan 2018 — LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27. LibTIFF 4.0.9 gestiona de manera incorrecta la lectura de archivos TIFF, tal y como demuestra una sobrelectura de búfer basada en memoria dinámica (heap) en la función ReadTIFFImage en coders/tiff.c en GraphicsMagick 1.3.27. • http://bugzilla.maptools.org/show_bug.cgi?id=2500 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-18013 – Ubuntu Security Notice USN-3602-1
https://notcve.org/view.php?id=CVE-2017-18013
01 Jan 2018 — In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. En LibTIFF 4.0.9, existe una desreferencia de puntero NULL en la función TIFFPrintDirectory en tif_print.c, tal y como se demuestra con un cierre inesperado de tiffinfo. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the applicati... • http://bugzilla.maptools.org/show_bug.cgi?id=2770 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17973
https://notcve.org/view.php?id=CVE-2017-17973
29 Dec 2017 — In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue ** EN DISPUTA ** En LibTIFF 4.0.8, hay un uso de memoria dinámica (heap) previamente liberada en la función t2p_writeproc en tiff2pdf.c. NOTA: hay un informe de terceros que establece que es imposible reproducir este problema. • http://bugzilla.maptools.org/show_bug.cgi?id=2769 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17942
https://notcve.org/view.php?id=CVE-2017-17942
28 Dec 2017 — In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c. En LibTIFF 4.0.9, hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función PackBitsEncode en tif_packbits.c. • http://bugzilla.maptools.org/show_bug.cgi?id=2767 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 3CVE-2017-17095 – LibTIFF pal2rgb 4.0.9 - Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-17095
02 Dec 2017 — tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file. tools/pal2rgb.c en pal2rgb en LibTIFF 4.0.7 permite que atacantes remotos provoquen una denegación de servicio (desbordamiento de búfer basado en memoria dinámica o heap de TIFFSetupStrips y cierre inesperado de la aplicación) o, probablemente, causen otros impactos no especificad... • https://packetstorm.news/files/id/145357 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13726 – Ubuntu Security Notice USN-3602-1
https://notcve.org/view.php?id=CVE-2017-13726
29 Aug 2017 — There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. Es posible abortar aserciones alcanzables en la función TIFFWriteDirectorySec() en LibTIFF 4.0.8 en relación con tif_dirwrite.c y una etiqueta SubIFD. Se podría realizar un ataque de denegación de servicio remoto con una entrada especialmente manipulada. It was discovered that LibTIFF incorrectly handled cer... • http://bugzilla.maptools.org/show_bug.cgi?id=2727 • CWE-617: Reachable Assertion •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13727 – Ubuntu Security Notice USN-3602-1
https://notcve.org/view.php?id=CVE-2017-13727
29 Aug 2017 — There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. Es posible abortar aserciones alcanzables en la función TIFFWriteDirectoryTagSubifd() en LibTIFF 4.0.8 en relación con tif_dirwrite.c y una etiqueta SubIFD. Se podría realizar un ataque de denegación de servicio remoto con una entrada especialmente manipulada. It was discovered that LibTIFF incorrectly... • http://bugzilla.maptools.org/show_bug.cgi?id=2728 • CWE-617: Reachable Assertion •