CVE-2012-4447 – libtiff: Heap-buffer overflow when processing a TIFF image with PixarLog Compression
https://notcve.org/view.php?id=CVE-2012-4447
Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format. Desbordamiento de búfer basado en memoria dinámica en tif_pixarlog.c en libtiff antes de v4.0.3 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) y posiblemente ejecutar código arbitrario a través de una imagen TIFF manipulada utilizando el formato PixarLog Compression. • http://lists.opensuse.org/opensuse-updates/2013-01/msg00076.html http://rhn.redhat.com/errata/RHSA-2012-1590.html http://secunia.com/advisories/49938 http://secunia.com/advisories/51049 http://www.debian.org/security/2012/dsa-2561 http://www.openwall.com/lists/oss-security/2012/09/25/14 http://www.openwall.com/lists/oss-security/2012/09/25/9 http://www.remotesensing.org/libtiff/v4.0.3.html http://www.securityfocus.com/bid/55673 http://www.ubuntu.com/usn • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVE-2012-3401 – (tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer
https://notcve.org/view.php?id=CVE-2012-3401
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow. La función t2p_read_tiff_init en tiff2pdf (tools/tiff2pdf.c) en libTIFF v4.0.2 y versiones anteriores no inicializa correctamente el puntero de la estructura de contexto T2P en determinadas condiciones de error, lo que permite causar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código de su elección a atacantes dependientes de contexto a través de una imagen TIFF debidamente modificada que provoca un desbordamiento de búfer basado en memoria dinámica (heap). • http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830 http://lists.opensuse.org/opensuse-updates/2012-08/msg00011.html http://osvdb.org/84090 http://rhn.redhat.com/errata/RHSA-2012-1590.html http://secunia.com/advisories/49938 http://secunia.com/advisories/50007 http://secunia.com/advisories/50726 http://security.gentoo.org/glsa/glsa-201209-02.xml http://www.debian.org/security/2012/dsa-2552 http://www.mandriva.com/security/advisories?name= • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVE-2012-2088 – libtiff: Type conversion flaw leading to heap-buffer overflow
https://notcve.org/view.php?id=CVE-2012-2088
Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow. Error de signo de entero en la función TIFFReadDirectory en tif_dirread.c en libtiff v3.9.4 y anteriores permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) y posiblemente ejecutar código arbitrario a través de una profundidad en una imagen TIFF, lo que provoca una inadecuada conversión entre los tipos de signo y sin signo, dando lugar a un desbordamiento de búfer basado en memoria dinámica. • http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00010.html http://rhn.redhat.com/errata/RHSA-2012-1054.html http://secunia.com/advisories/49686 http://secunia.com/advisories/50726 http://security.gentoo.org/glsa/glsa-201209-02.xml http://support.apple.com/kb/HT6162 http://support.apple.com/kb/HT6163 http://www.mandriva.com/security/advisories?name=MDVSA-2012:101 http://www.securityfocus. • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVE-2012-2113 – libtiff: integer overflow in tiff2pdf leading to heap-buffer overflow when reading a tiled tiff file
https://notcve.org/view.php?id=CVE-2012-2113
Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. Múltiples desbordamientos de enteros en tiff2pdf en libtiff anterior a v4.0.2 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de una elaborada imagen TIFF, lo que provoca un desbordamiento de búfer basado en memoria dinámica • http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00010.html http://rhn.redhat.com/errata/RHSA-2012-1054.html http://secunia.com/advisories/49493 http://secunia.com/advisories/49686 http://secunia.com/advisories/50726 http://security.gentoo.org/glsa/glsa-201209-02.xml http://www.debian.org/security/2012/dsa-2552 http://www.mandriva.com/security/advisories?name=MDVSA-2012:101 http://www.remotesensing.org/libtiff/v4.0.2.html http://www.securityfocus.com/bid/ • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVE-2010-4665 – libtiff tiffdump integer overflow
https://notcve.org/view.php?id=CVE-2010-4665
Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries. Desbordamiento de enteros en la función ReadDirectory en tiffdump.c en tiffdump en LibTIFF antes de v3.9.5 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente tener un impacto no especificado a través de un archivo TIFF debidamente modificado que contiene una estructura de directorios de datos con muchas entradas de directorio. • http://bugzilla.maptools.org/show_bug.cgi?id=2218 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058478.html http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://openwall.com/lists/oss-security/2011/04/12/10 http://secunia.com/advisories/44271 http://secunia.com/advisories/50726 http://security.gentoo.org/glsa/glsa-201209-02.xml http://ubuntu.com/usn/usn-1416-1 http://www.debian.org/security/2012/dsa-2552 http://www& • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •