Page 19 of 96 results (0.014 seconds)

CVSS: 9.3EPSS: 4%CPEs: 49EXPL: 0

Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file. Desbordamiento de búfer basado en memoria dinámica en la función tp_process_jpeg_strip en tiff2pdf en libtiff 4.0.3 y anteriores, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente la ejecución arbitraria de código a través de una imagen TIFF manipulada. • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104916.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105253.html http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105828.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00058.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00080.html http://rhn.redhat.com/errata/RHSA-2014-0223.html http://seclists.org/oss-sec/2013/q2/254 http://secunia.com/advisories/53237 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 6.8EPSS: 3%CPEs: 57EXPL: 0

Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image. Desbordamiento de búfer basado en pila en tif_dir.c en LibTIFF anteriores a v4.0.2, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección a través de una etiqueta DOTRANGE manipulada en una imagen TIFF. • http://lists.opensuse.org/opensuse-updates/2013-01/msg00076.html http://rhn.redhat.com/errata/RHSA-2012-1590.html http://secunia.com/advisories/51491 http://www.debian.org/security/2012/dsa-2589 http://www.openwall.com/lists/oss-security/2012/11/28/1 http://www.securityfocus.com/bid/56715 http://www.ubuntu.com/usn/USN-1655-1 https://bugzilla.redhat.com/show_bug.cgi?id=867235 https://exchange.xforce.ibmcloud.com/vulnerabilities/80339 https://access.redhat.com/secur • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 6.8EPSS: 0%CPEs: 16EXPL: 1

ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow. ppm2tiff no comprueba el valor devuelto por la función TIFFScanlineSize, lo que permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de una imagen PPM modificada que provoca un desbordamiento de entero, una asignación zero-memory, y un desbordamiento de búfer basado en memoria dinámica. • http://lists.opensuse.org/opensuse-updates/2013-01/msg00076.html http://rhn.redhat.com/errata/RHSA-2012-1590.html http://secunia.com/advisories/51133 http://www.debian.org/security/2012/dsa-2575 http://www.openwall.com/lists/oss-security/2012/11/02/3 http://www.openwall.com/lists/oss-security/2012/11/02/7 http://www.osvdb.org/86878 http://www.securityfocus.com/bid/56372 http://www.ubuntu.com/usn/USN-1631-1 https://bugzilla.redhat.com/show_bug.cgi?i • CWE-122: Heap-based Buffer Overflow •

CVSS: 6.8EPSS: 3%CPEs: 58EXPL: 0

Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format. Desbordamiento de búfer basado en memoria dinámica en tif_pixarlog.c en libtiff antes de v4.0.3 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) y posiblemente ejecutar código arbitrario a través de una imagen TIFF manipulada utilizando el formato PixarLog Compression. • http://lists.opensuse.org/opensuse-updates/2013-01/msg00076.html http://rhn.redhat.com/errata/RHSA-2012-1590.html http://secunia.com/advisories/49938 http://secunia.com/advisories/51049 http://www.debian.org/security/2012/dsa-2561 http://www.openwall.com/lists/oss-security/2012/09/25/14 http://www.openwall.com/lists/oss-security/2012/09/25/9 http://www.remotesensing.org/libtiff/v4.0.3.html http://www.securityfocus.com/bid/55673 http://www.ubuntu.com/usn&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 6.8EPSS: 0%CPEs: 57EXPL: 0

The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow. La función t2p_read_tiff_init en tiff2pdf (tools/tiff2pdf.c) en libTIFF v4.0.2 y versiones anteriores no inicializa correctamente el puntero de la estructura de contexto T2P en determinadas condiciones de error, lo que permite causar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código de su elección a atacantes dependientes de contexto a través de una imagen TIFF debidamente modificada que provoca un desbordamiento de búfer basado en memoria dinámica (heap). • http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830 http://lists.opensuse.org/opensuse-updates/2012-08/msg00011.html http://osvdb.org/84090 http://rhn.redhat.com/errata/RHSA-2012-1590.html http://secunia.com/advisories/49938 http://secunia.com/advisories/50007 http://secunia.com/advisories/50726 http://security.gentoo.org/glsa/glsa-201209-02.xml http://www.debian.org/security/2012/dsa-2552 http://www.mandriva.com/security/advisories?name= • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •