CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2016-10092 – Ubuntu Security Notice USN-3212-1
https://notcve.org/view.php?id=CVE-2016-10092
27 Feb 2017 — Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image. Desbordamiento de búfer basado en Heap en la función readContigStripsIntoBuffer en tif_unix.c en LibTIFF versiones 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4. 0.0a... • http://bugzilla.maptools.org/show_bug.cgi?id=2620 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2016-10093 – Ubuntu Security Notice USN-3212-1
https://notcve.org/view.php?id=CVE-2016-10093
27 Feb 2017 — Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image, which triggers a heap-based buffer overflow. El desbordamiento de enteros en tools/tiffcp.c en LibTIFF versiones 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0. 2, 4.0.3, 4.0.... • http://bugzilla.maptools.org/show_bug.cgi?id=2610 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2016-10094 – Ubuntu Security Notice USN-3212-1
https://notcve.org/view.php?id=CVE-2016-10094
27 Feb 2017 — Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image. Error por un paso en la función t2p_readwrite_pdf_image_tile en tools/tiff2pdf.c en LibTIFF 4.0.7 permite a atacantes remotos tener un impacto no especificado a través de una imagen manipulada. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially cr... • http://bugzilla.maptools.org/show_bug.cgi?id=2640 • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-5563 – Gentoo Linux Security Advisory 201709-27
https://notcve.org/view.php?id=CVE-2017-5563
23 Jan 2017 — LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff. LibTIFF versión 4.0.7 es vulnerable a una sobre lectura de bufer basado en memoria dinámica en tif_lzw.c resultando en DoS o ejecución de código a través de una imagen bmp manipulada en tools/bmp2tiff. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially craft... • http://bugzilla.maptools.org/show_bug.cgi?id=2664 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 2CVE-2017-5225 – Ubuntu Security Notice USN-3212-1
https://notcve.org/view.php?id=CVE-2017-5225
12 Jan 2017 — LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value. LibTIFF en la versión 4.0.7 es vulnerable a un desbordamiento de búfer de memoria dinámica en tools/tiffcp resultando en un DoS o ejecución de código a través de un valor BitsPerSample manipulado. USN-3212-1 fixed several issues in LibTIFF. This update provides a subset of corresponding update for Ubuntu 12.04 ESM. Mei Wang discovered a multiple integer over... • http://bugzilla.maptools.org/show_bug.cgi?id=2656 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-5316 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-5316
09 Jan 2017 — Out-of-bounds read in the PixarLogCleanup function in tif_pixarlog.c in libtiff 4.0.6 and earlier allows remote attackers to crash the application by sending a crafted TIFF image to the rgb2ycbcr tool. Lectura fuera de límites en la función PixarLogCleanup en tif_pixarlog.c en libtiff 4.0.6 y versiones anteriores permite a atacantes remotos bloquear la aplicación enviando una imagen TIFF manipulada a la herramienta rgb2ycbcr. It was discovered that LibTIFF incorrectly handled certain malformed images. If a ... • http://lists.opensuse.org/opensuse-updates/2016-07/msg00087.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5315 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-5315
09 Jan 2017 — The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. La función setByteArray en tif_dir.c en libtiff 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de una imagen tiff manipulada. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a s... • http://www.debian.org/security/2017/dsa-3762 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-5322 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-5322
09 Jan 2017 — The setByteArray function in tif_dir.c in libtiff 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tiff image. La función setByteArray en tif_dir.c en libtiff 4.0.6 y versiones anteriores permite a los atacantes remotos provocar una denegación de servicio (fuera de los límites de lectura) a través de una imagen tiff manipulada. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into ... • http://www.debian.org/security/2017/dsa-3762 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-5317 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-5317
09 Jan 2017 — Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file. Desbordamiento de búfer en la función PixarLogDecode en libtiff.so en la función PixarLogDecode en libtiff 4.0.6 y versiones anteriores, como se utiliza en GNOME nautilus, permite a atacantes provocar un ataque de denegación de servicio (caída) a través de un archivo TIFF mani... • http://lists.opensuse.org/opensuse-updates/2016-07/msg00087.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2016-9448 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-9448
09 Jan 2017 — The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297. La función TIFFFetchNormalTag en LibTiff 4.0.6 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y caída) estableciendo las etiquetas TIFF_SETGET_C16... • http://bugzilla.maptools.org/show_bug.cgi?id=2593 • CWE-476: NULL Pointer Dereference •