Page 16 of 96 results (0.006 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

The _TIFFVGetField function in tif_dirinfo.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image. La función _TIFFVGetField en tif_dirinfo.c en LibTIFF 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (escritura fuera de límites) o ejecutar código arbitrario a través de una imagen TIFF manipulada. • http://bugzilla.maptools.org/show_bug.cgi?id=2549 http://rhn.redhat.com/errata/RHSA-2016-1546.html http://rhn.redhat.com/errata/RHSA-2016-1547.html http://www.openwall.com/lists/oss-security/2016/04/08/9 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http://www.securityfocus.com/bid/85953 http://www.securityfocus.com/bid/85960 https://bugzilla.redhat.com/show_bug&# • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

Heap-based buffer overflow in the loadImage function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted TIFF image with zero tiles. Desbordamiento de búfer basado en memoria dinámica en la función loadImage en la herramienta tiffcrop en LibTIFF 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (escritura fuera de límites) o ejecutar código arbitrario a través de una imagen TIFF manipulada con cero azulejos. • http://bugzilla.maptools.org/show_bug.cgi?id=2543 http://lists.opensuse.org/opensuse-updates/2016-09/msg00039.html http://rhn.redhat.com/errata/RHSA-2016-1546.html http://rhn.redhat.com/errata/RHSA-2016-1547.html http://www.debian.org/security/2017/dsa-3762 http://www.openwall.com/lists/oss-security/2016/04/12/3 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0

Heap-based buffer overflow in the horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted TIFF image to tiffcp. Desbordamiento de búfer basado en memoria dinámica en la función horizontalDifference8 en tif_pixarlog.c en LibTIFF 4.0.6 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código arbitrario a través de una imagen TIFF manipulada para tiffcp. • http://bugzilla.maptools.org/show_bug.cgi?id=2544 http://lists.opensuse.org/opensuse-updates/2016-09/msg00039.html http://rhn.redhat.com/errata/RHSA-2016-1546.html http://rhn.redhat.com/errata/RHSA-2016-1547.html http://www.debian.org/security/2017/dsa-3762 http://www.openwall.com/lists/oss-security/2016/04/12/2 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 6.8EPSS: 3%CPEs: 3EXPL: 0

The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif. La función NeXTDecode en tif_next.c en LibTIFF permite a atacantes remotos provocar una denegación de servicio (escritura fuera de rango) a través de una imagen TIFF manipulada, según lo demostrado por libtiff5.tif. • http://bugzilla.maptools.org/show_bug.cgi?id=2508 http://rhn.redhat.com/errata/RHSA-2016-1546.html http://rhn.redhat.com/errata/RHSA-2016-1547.html http://www.debian.org/security/2016/dsa-3467 http://www.openwall.com/lists/oss-security/2016/01/24/4 http://www.openwall.com/lists/oss-security/2016/01/24/8 http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http:/& • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782. tif_luv.c en libtiff permite a atacantes provocar una denegación de servicio (escritura fuera de rango) a través de un número no válido de muestras por píxel en una imagen TIFF comprimida con LogL, una vulnerabilidad diferente a CVE-2015-8782. • http://bugzilla.maptools.org/show_bug.cgi?id=2522#c0 http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html http://rhn.redhat.com/errata/RHSA-2016-1546.html http://rhn.redhat.com/errata/RHSA-2016-1547.html http://www.debian.org/security/2016/dsa-3467 http://www.openwall.com/lists/oss-security/2016/01/24/3 http://www.openwall.com/lists/oss-security/2016/01/24/7 http://www.oracle.com& • CWE-787: Out-of-bounds Write •