CVE-2016-3633
https://notcve.org/view.php?id=CVE-2016-3633
The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable. La función setrow en la herramienta thumbnail en LibTIFF 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de vectores relacionados con la variable src. • http://bugzilla.maptools.org/show_bug.cgi?id=2548 http://www.openwall.com/lists/oss-security/2016/04/08/11 https://security.gentoo.org/glsa/201701-16 • CWE-125: Out-of-bounds Read •
CVE-2016-3945 – libtiff: out-of-bounds write in the tiff2rgba tool
https://notcve.org/view.php?id=CVE-2016-3945
Multiple integer overflows in the (1) cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write. Múltiples desbordamientos de entero en las funciones (1) cvt_by_strip y (2) cvt_by_tile en la herramienta tiff2rgba en LibTIFF 4.0.6 y versiones anteriores, cuando está habilitado el modo -b, permiten a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código arbitrario a través de una imagen TIFF manipulada, lo que desencadena una escritura fuera de límites. • http://bugzilla.maptools.org/show_bug.cgi?id=2545 http://lists.opensuse.org/opensuse-updates/2016-09/msg00039.html http://rhn.redhat.com/errata/RHSA-2016-1546.html http://rhn.redhat.com/errata/RHSA-2016-1547.html http://www.debian.org/security/2017/dsa-3762 http://www.openwall.com/lists/oss-security/2016/04/08/6 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http: • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVE-2016-3632 – libtiff: out-of-bounds write in _TIFFVGetField function
https://notcve.org/view.php?id=CVE-2016-3632
The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image. La función _TIFFVGetField en tif_dirinfo.c en LibTIFF 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (escritura fuera de límites) o ejecutar código arbitrario a través de una imagen TIFF manipulada. • http://bugzilla.maptools.org/show_bug.cgi?id=2549 http://rhn.redhat.com/errata/RHSA-2016-1546.html http://rhn.redhat.com/errata/RHSA-2016-1547.html http://www.openwall.com/lists/oss-security/2016/04/08/9 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.securityfocus.com/bid/85953 http://www.securityfocus.com/bid/85960 https://bugzilla.redhat.com/show_bug • CWE-787: Out-of-bounds Write •
CVE-2016-3991 – libtiff: out-of-bounds write in loadImage() function
https://notcve.org/view.php?id=CVE-2016-3991
Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles. Desbordamiento de búfer basado en memoria dinámica en la función loadImage en la herramienta tiffcrop en LibTIFF 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (escritura fuera de límites) o ejecutar código arbitrario a través de una imagen TIFF manipulada con cero azulejos. • http://bugzilla.maptools.org/show_bug.cgi?id=2543 http://lists.opensuse.org/opensuse-updates/2016-09/msg00039.html http://rhn.redhat.com/errata/RHSA-2016-1546.html http://rhn.redhat.com/errata/RHSA-2016-1547.html http://www.debian.org/security/2017/dsa-3762 http://www.openwall.com/lists/oss-security/2016/04/12/3 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2016-3990 – libtiff: out-of-bounds write in horizontalDifference8()
https://notcve.org/view.php?id=CVE-2016-3990
Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp. Desbordamiento de búfer basado en memoria dinámica en la función horizontalDifference8 en tif_pixarlog.c en LibTIFF 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código arbitrario a través de una imagen TIFF manipulada para tiffcp. • http://bugzilla.maptools.org/show_bug.cgi?id=2544 http://lists.opensuse.org/opensuse-updates/2016-09/msg00039.html http://rhn.redhat.com/errata/RHSA-2016-1546.html http://rhn.redhat.com/errata/RHSA-2016-1547.html http://www.debian.org/security/2017/dsa-3762 http://www.openwall.com/lists/oss-security/2016/04/12/2 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •