CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2016-9448 – Gentoo Linux Security Advisory 201701-16
https://notcve.org/view.php?id=CVE-2016-9448
09 Jan 2017 — The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9297. La función TIFFFetchNormalTag en LibTiff 4.0.6 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL y caída) estableciendo las etiquetas TIFF_SETGET_C16... • http://bugzilla.maptools.org/show_bug.cgi?id=2593 • CWE-476: NULL Pointer Dereference •
CVSS: 8.1EPSS: 8%CPEs: 1EXPL: 1CVE-2016-5652 – libtiff: tiff2pdf JPEG Compression Tables Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2016-5652
06 Jan 2017 — An exploitable heap-based buffer overflow exists in the handling of TIFF images in LibTIFF's TIFF2PDF tool. A crafted TIFF document can lead to a heap-based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved TIFF file delivered by other means. Existe un desbordamiento de búfer basado en memoria dinámica explotable en el manejo de imágenes TIFF en la herramienta LibTIFF's TIFF2PDF. Un documento TIFF manipulado puede conducir a un desbordamiento de búfer basado en m... • http://rhn.redhat.com/errata/RHSA-2017-0225.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8870 – libtiff: Integer overflow in tools/bmp2tiff.c
https://notcve.org/view.php?id=CVE-2015-8870
06 Dec 2016 — Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file. Desbordamiento de entero en tools/bmp2tiff.c en LibTIFF en versiones anteriores a 4.0.4 permite a atacantes remotos provocar una denegación de servicio (sobre lectura de búfer basado en memoria dinámica), o posiblemente obtener infor... • http://download.osgeo.org/libtiff/tiff-4.0.4.tar.gz • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9533 – libtiff: PixarLog horizontalDifference heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9533
22 Nov 2016 — tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka "PixarLog horizontalDifference heap-buffer-overflow." tif_pixarlog.c en libtiff 4.0.6 tiene vulnerabilidades de escritura fuera de límites en bufers alojados en memoria dinámica. Reportada como SVR 35094, vulnerabilidad también conocida como "PixarLog horizontalDifference heap-buffer-overflow". The libtiff packages contain a library of functions for manipulating Tagged Image File Fo... • http://rhn.redhat.com/errata/RHSA-2017-0225.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9534 – libtiff: TIFFFlushData1 heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9534
22 Nov 2016 — tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow." tif_write.c en libtiff 4.0.6 tiene un problema en la ruta del código de error de TIFFFlushData1() que no restableció los miembros tif_rawcc y tif_rawcp. Reportado como MSVR 35095, vulnerabilidad también conocida como "TIFFFlushData1 heap-buffer-overflow". The libtiff packages contain a library of functio... • http://rhn.redhat.com/errata/RHSA-2017-0225.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9535 – libtiff: Predictor heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9535
22 Nov 2016 — tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow." tif_predict.h y tif_predict.c en libtiff 4.0.6 tienen aserciones que pueden conducir a fallos de aserción en modo debug, o desbordamientos de búfer en modo de liberación, cuando trata con un tamaño inusual de tile como YCbCr con sub... • http://rhn.redhat.com/errata/RHSA-2017-0225.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9536 – libtiff: t2p_process_jpeg_strip heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9536
22 Nov 2016 — tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow." tools/tiff2pdf.c en libtiff 4.0.6 tiene vulnerabilidades de escritura fuera de límites en bufers alojados en memoria dinámica en t2p_process_jpeg_strip(). Reportado como MSVR 35098, vulnerabilidad también conocida como "t2p_process_jpeg_strip heap-buffer-overflow". The libtiff packages contain a library of ... • http://rhn.redhat.com/errata/RHSA-2017-0225.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9537 – libtiff: Out-of-bounds write vulnerabilities in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2016-9537
22 Nov 2016 — tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. Reported as MSVR 35093, MSVR 35096, and MSVR 35097. tools/tiffcrop.c en libtiff 4.0.6 tiene vulnerabilidades de escritura fuera de límites en bufers. Reportado como MSVR 35093, MSVR 35096 y MSVR 35097. The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: Multiple flaws have been discovered in libtiff. • http://rhn.redhat.com/errata/RHSA-2017-0225.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9538 – Ubuntu Security Notice USN-3212-1
https://notcve.org/view.php?id=CVE-2016-9538
22 Nov 2016 — tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. Reported as MSVR 35100. tools/tiffcrop.c en libtiff 4.0.6 lee un búfer no definido en readContigStripsIntoBuffer() a causa de un desbordamiento de entero uint16. Reportado como MSVR 35100. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the... • http://www.debian.org/security/2017/dsa-3762 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9539 – Ubuntu Security Notice USN-3212-1
https://notcve.org/view.php?id=CVE-2016-9539
22 Nov 2016 — tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092. tools/tiffcrop.c en libtiff 4.0.6 tiene una lectura fuera de límites en readContigTilesIntoBuffer(). Reportado como MSVR 35092. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary... • http://www.securityfocus.com/bid/94484 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •