CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 3CVE-2006-2026 – LibTiff 3.x - Double-Free Memory Corruption
https://notcve.org/view.php?id=CVE-2006-2026
Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions." • https://www.exploit-db.com/exploits/27765 ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc http://bugzilla.remotesensing.org/show_bug.cgi?id=1102 http://secunia.com/advisories/19838 http://secunia.com/advisories/19897 http://secunia.com/advisories/19936 http://secunia.com/advisories/19949 http://secunia.com/advisories/19964 http://secunia.com/advisories/20021 http://secunia.com/advisories/20023 http://secunia.com/advisories/20210 http://secunia.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 33%CPEs: 12EXPL: 1CVE-2005-1544 – LibTiff 3.7.1 - BitsPerSample Tag Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-1544
Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag. • https://www.exploit-db.com/exploits/1554 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.3/SCOSA-2006.3.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.34/SCOSA-2005.34.txt http://bugs.gentoo.org/show_bug.cgi?id=91584 http://bugzilla.remotesensing.org/show_bug.cgi?id=843 http://secunia.com/advisories/15320 http://secunia.com/advisories/16872 http://secunia.com/advisories/18289 http://secunia.com/advisories/18943 http://securitytracker.com/id?1013944 h •
CVSS: 5.1EPSS: 8%CPEs: 12EXPL: 0CVE-2004-1183
https://notcve.org/view.php?id=CVE-2004-1183
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000920 http://marc.info/?l=bugtraq&m=110503635113419&w=2 http://secunia.com/advisories/13728 http://secunia.com/advisories/13776 http://security.gentoo.org/glsa/glsa-200501-06.xml http://www.debian.org/security/2004/dsa-626 http://www.mandriva.com/security/advisories?name=MDKSA-2005:001 http://www.mandriva.com/security/advisories?name=MDKSA-2005:002 http://www.mandriva.com/security/advisories? •