CVE-2023-41175 – Libtiff: potential integer overflow in raw2tiff.c
https://notcve.org/view.php?id=CVE-2023-41175
A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. Se encontró una vulnerabilidad en libtiff debido a múltiples posibles desbordamientos de enteros en raw2tiff.c. Esta falla permite a atacantes remotos provocar una denegación de servicio o posiblemente ejecutar un código arbitrario a través de una imagen tiff manipulada, lo que desencadena un desbordamiento del búfer. • https://access.redhat.com/errata/RHSA-2024:2289 https://access.redhat.com/security/cve/CVE-2023-41175 https://bugzilla.redhat.com/show_bug.cgi?id=2235264 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVE-2023-40745 – Libtiff: integer overflow in tiffcp.c
https://notcve.org/view.php?id=CVE-2023-40745
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. LibTIFF es vulnerable a un desbordamiento de enteros. Esta falla permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente ejecutar un código arbitrario a través de una imagen tiff manipulada, lo que desencadena un desbordamiento del búfer. • https://access.redhat.com/errata/RHSA-2024:2289 https://access.redhat.com/security/cve/CVE-2023-40745 https://bugzilla.redhat.com/show_bug.cgi?id=2235265 https://security.netapp.com/advisory/ntap-20231110-0005 • CWE-190: Integer Overflow or Wraparound •
CVE-2023-3576 – Libtiff: memory leak in tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-3576
A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting an application crash, eventually leading to a denial of service. Se encontró una falla de pérdida de memoria en la utilidad tiffcrop de Libatiff. Este problema se produce cuando tiffcrop opera en un archivo de imagen TIFF, lo que permite a un atacante pasar un archivo de imagen TIFF manipulado a la utilidad tiffcrop, lo que provoca este problema de pérdida de memoria, un bloqueo de la aplicación y, finalmente, una denegación de servicio. • https://access.redhat.com/errata/RHSA-2023:6575 https://access.redhat.com/security/cve/CVE-2023-3576 https://bugzilla.redhat.com/show_bug.cgi?id=2219340 https://lists.debian.org/debian-lts-announce/2024/03/msg00011.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2022-40090 – libtiff: infinite loop via a crafted TIFF file
https://notcve.org/view.php?id=CVE-2022-40090
An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file. Se ha descubierto un problema en la función TIFFReadDirectory de libtiff anterior a 4.4.0 que permite a los atacantes provocar una denegación de servicio a través de un archivo TIFF manipulado. A flaw was found in the libtiff library. This issue allows an attacker who can submit a specially crafted file to an application linked with libtiff to cause an infinite loop, resulting in a denial of service. • https://gitlab.com/libtiff/libtiff/-/issues/455 https://gitlab.com/libtiff/libtiff/-/merge_requests/386 https://access.redhat.com/security/cve/CVE-2022-40090 https://bugzilla.redhat.com/show_bug.cgi?id=2234970 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2020-18768
https://notcve.org/view.php?id=CVE-2020-18768
There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file. • http://bugzilla.maptools.org/show_bug.cgi?id=2848 • CWE-787: Out-of-bounds Write •