CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-18013
https://notcve.org/view.php?id=CVE-2017-18013
In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. En LibTIFF 4.0.9, existe una desreferencia de puntero NULL en la función TIFFPrintDirectory en tif_print.c, tal y como se demuestra con un cierre inesperado de tiffinfo. • http://bugzilla.maptools.org/show_bug.cgi?id=2770 http://www.securityfocus.com/bid/102345 https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01 https://lists.debian.org/debian-lts-announce/2018/01/msg00033.html https://lists.debian.org/debian-lts-announce/2018/01/msg00034.html https://usn.ubuntu.com/3602-1 https://usn.ubuntu.com/3606-1 https://www.debian.org/security/2018/dsa-4100 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17973
https://notcve.org/view.php?id=CVE-2017-17973
In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue ** EN DISPUTA ** En LibTIFF 4.0.8, hay un uso de memoria dinámica (heap) previamente liberada en la función t2p_writeproc en tiff2pdf.c. NOTA: hay un informe de terceros que establece que es imposible reproducir este problema. • http://bugzilla.maptools.org/show_bug.cgi?id=2769 http://www.securityfocus.com/bid/102331 https://bugzilla.novell.com/show_bug.cgi?id=1074318 https://bugzilla.redhat.com/show_bug.cgi?id=1530912 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17942
https://notcve.org/view.php?id=CVE-2017-17942
In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c. En LibTIFF 4.0.9, hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función PackBitsEncode en tif_packbits.c. • http://bugzilla.maptools.org/show_bug.cgi?id=2767 http://www.securityfocus.com/bid/102312 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 5%CPEs: 1EXPL: 2CVE-2017-17095 – LibTIFF pal2rgb 4.0.9 - Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-17095
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file. tools/pal2rgb.c en pal2rgb en LibTIFF 4.0.7 permite que atacantes remotos provoquen una denegación de servicio (desbordamiento de búfer basado en memoria dinámica o heap de TIFFSetupStrips y cierre inesperado de la aplicación) o, probablemente, causen otros impactos no especificados mediante un archivo TIFF manipulado. LibTIFF pal2rgb version 4.0.9 suffers from a heap buffer overflow. • https://www.exploit-db.com/exploits/43322 http://bugzilla.maptools.org/show_bug.cgi?id=2750 http://www.openwall.com/lists/oss-security/2017/11/30/3 http://www.securityfocus.com/bid/102124 https://lists.debian.org/debian-lts-announce/2019/11/msg00027.html https://security.gentoo.org/glsa/202003-25 https://usn.ubuntu.com/3606-1 https://www.debian.org/security/2018/dsa-4349 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13726
https://notcve.org/view.php?id=CVE-2017-13726
There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack. Es posible abortar aserciones alcanzables en la función TIFFWriteDirectorySec() en LibTIFF 4.0.8 en relación con tif_dirwrite.c y una etiqueta SubIFD. Se podría realizar un ataque de denegación de servicio remoto con una entrada especialmente manipulada. • http://bugzilla.maptools.org/show_bug.cgi?id=2727 http://www.securityfocus.com/bid/100524 https://usn.ubuntu.com/3602-1 https://www.debian.org/security/2018/dsa-4100 • CWE-617: Reachable Assertion •