CVE-2018-5784
https://notcve.org/view.php?id=CVE-2018-5784
In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file. This occurs because the declared number of directory entries is not validated against the actual number of directory entries. En LibTIFF 4.0.9, hay un consumo no controlado de recursos en la función TIFFSetDirectory de tif_dir.c. Los atacantes remotos pueden aprovechar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo tif manipulado. • http://bugzilla.maptools.org/show_bug.cgi?id=2772 https://gitlab.com/libtiff/libtiff/commit/473851d211cf8805a161820337ca74cc9615d6ef https://lists.debian.org/debian-lts-announce/2018/05/msg00022.html https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html https://usn.ubuntu.com/3602-1 https://usn.ubuntu.com/3606-1 https://www.debian.org/security/2018/dsa-4349 • CWE-400: Uncontrolled Resource Consumption •
CVE-2018-5360
https://notcve.org/view.php?id=CVE-2018-5360
LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27. LibTIFF 4.0.9 gestiona de manera incorrecta la lectura de archivos TIFF, tal y como demuestra una sobrelectura de búfer basada en memoria dinámica (heap) en la función ReadTIFFImage en coders/tiff.c en GraphicsMagick 1.3.27. • http://bugzilla.maptools.org/show_bug.cgi?id=2500 https://gitlab.com/libtiff/libtiff/commit/739dcd28a061738b317c1e9f91029d9cbc157159 https://sourceforge.net/p/graphicsmagick/bugs/540 • CWE-125: Out-of-bounds Read •
CVE-2017-18013
https://notcve.org/view.php?id=CVE-2017-18013
In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. En LibTIFF 4.0.9, existe una desreferencia de puntero NULL en la función TIFFPrintDirectory en tif_print.c, tal y como se demuestra con un cierre inesperado de tiffinfo. • http://bugzilla.maptools.org/show_bug.cgi?id=2770 http://www.securityfocus.com/bid/102345 https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01 https://lists.debian.org/debian-lts-announce/2018/01/msg00033.html https://lists.debian.org/debian-lts-announce/2018/01/msg00034.html https://usn.ubuntu.com/3602-1 https://usn.ubuntu.com/3606-1 https://www.debian.org/security/2018/dsa-4100 • CWE-476: NULL Pointer Dereference •
CVE-2017-17973
https://notcve.org/view.php?id=CVE-2017-17973
In LibTIFF 4.0.8, there is a heap-based use-after-free in the t2p_writeproc function in tiff2pdf.c. NOTE: there is a third-party report of inability to reproduce this issue ** EN DISPUTA ** En LibTIFF 4.0.8, hay un uso de memoria dinámica (heap) previamente liberada en la función t2p_writeproc en tiff2pdf.c. NOTA: hay un informe de terceros que establece que es imposible reproducir este problema. • http://bugzilla.maptools.org/show_bug.cgi?id=2769 http://www.securityfocus.com/bid/102331 https://bugzilla.novell.com/show_bug.cgi?id=1074318 https://bugzilla.redhat.com/show_bug.cgi?id=1530912 • CWE-416: Use After Free •
CVE-2017-17942
https://notcve.org/view.php?id=CVE-2017-17942
In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c. En LibTIFF 4.0.9, hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función PackBitsEncode en tif_packbits.c. • http://bugzilla.maptools.org/show_bug.cgi?id=2767 http://www.securityfocus.com/bid/102312 • CWE-125: Out-of-bounds Read •