CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-9540 – libtiff: cpStripToTile heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9540
tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow." tools/tiffcp.c en libtiff 4.0.6 tiene una escritura fuera de límites en imágenes tiled con un ancho de tile extraño frente al ancho de la imagen. Reportado como MSVR 35103, vulnerabilidad también conocida como "cpStripToTile heap-buffer-overflow". • http://rhn.redhat.com/errata/RHSA-2017-0225.html http://www.debian.org/security/2017/dsa-3762 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94747 https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3 https://access.redhat.com/security/cve/CVE-2016-9540 https://bugzilla.redhat.com/show_bug.cgi?id=1397768 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-9537 – libtiff: Out-of-bounds write vulnerabilities in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2016-9537
tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. Reported as MSVR 35093, MSVR 35096, and MSVR 35097. tools/tiffcrop.c en libtiff 4.0.6 tiene vulnerabilidades de escritura fuera de límites en bufers. Reportado como MSVR 35093, MSVR 35096 y MSVR 35097. • http://rhn.redhat.com/errata/RHSA-2017-0225.html http://www.debian.org/security/2017/dsa-3762 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94746 https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-c8b4b355f9b5c06d585b23138e1c185f https://access.redhat.com/security/cve/CVE-2016-9537 https://bugzilla.redhat.com/show_bug.cgi?id=1397760 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9539
https://notcve.org/view.php?id=CVE-2016-9539
tools/tiffcrop.c in libtiff 4.0.6 has an out-of-bounds read in readContigTilesIntoBuffer(). Reported as MSVR 35092. tools/tiffcrop.c en libtiff 4.0.6 tiene una lectura fuera de límites en readContigTilesIntoBuffer(). Reportado como MSVR 35092. • http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94754 https://github.com/vadz/libtiff/commit/ae9365db1b271b62b35ce018eac8799b1d5e8a53 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-9535 – libtiff: Predictor heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9535
tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow." tif_predict.h y tif_predict.c en libtiff 4.0.6 tienen aserciones que pueden conducir a fallos de aserción en modo debug, o desbordamientos de búfer en modo de liberación, cuando trata con un tamaño inusual de tile como YCbCr con submuestreo. Reportado como MSVR 35105, vulnerabilidad también conocida como "Predictor heap-buffer-overflow". • http://rhn.redhat.com/errata/RHSA-2017-0225.html http://www.debian.org/security/2017/dsa-3844 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94744 https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1 https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33 https://access.redhat.com/security/cve/CVE-2016-9535 https://bugzilla.redhat.com/show_bug.cgi?id=1397755 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 8.1EPSS: 9%CPEs: 1EXPL: 1CVE-2016-8331
https://notcve.org/view.php?id=CVE-2016-8331
An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the application using LibTIFF's tag extension functionality. Existe una vulnerabilidad de ejecución remota de código explotable en el manejo de imágenes TIFF en LibTIFF versión 4.0.6. Un documento TIFF manipulado puede llevar a un tipo de vulnerabilidad de confusión resultando en ejecución remota de código. • http://www.securityfocus.com/bid/93898 http://www.talosintelligence.com/reports/TALOS-2016-0190 https://security.gentoo.org/glsa/201701-16 •