CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30086 – libtiff: Heap buffer overflow in tiffcp() at tiffcp.c
https://notcve.org/view.php?id=CVE-2023-30086
09 May 2023 — Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c. A vulnerability was found in the libtiff library. This flaw causes a buffer overflow in libtiff that allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c. • http://libtiff-release-v4-0-7.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 1CVE-2023-30774 – libtiff: heap buffer overflow issues related to TIFFTAG_INKNAMES and related TIFFTAG_NUMBEROFINKS value
https://notcve.org/view.php?id=CVE-2023-30774
09 May 2023 — A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values. The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, integer overflow, out of bounds read, and out of bounds write vulnerabilities. • http://seclists.org/fulldisclosure/2023/Oct/24 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30775 – libtiff: Heap buffer overflow in extractContigSamples32bits, tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-30775
09 May 2023 — A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c. The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, integer overflow, out of bounds read, and out of bounds write vulnerabilities. • https://access.redhat.com/security/cve/CVE-2023-30775 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2023-1916 – Ubuntu Security Notice USN-6428-1
https://notcve.org/view.php?id=CVE-2023-1916
10 Apr 2023 — A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x. It was discovered that LibTIFF could be made to read out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image fil... • https://gitlab.com/libtiff/libtiff/-/issues/536 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4645 – libtiff: out-of-bounds read in tiffcp in tools/tiffcp.c
https://notcve.org/view.php?id=CVE-2022-4645
03 Mar 2023 — LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. A flaw was found in tiffcp, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the tiffcp function in tools/tiffcp.c, resulting in a denial of service and limited information disclosure. The libtiff packages contain ... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4645.json • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0795 – libtiff: out-of-bounds read in extractContigSamplesShifted16bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0795
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited information discl... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0795.json • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0796 – libtiff: out-of-bounds read in extractContigSamplesShifted24bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0796
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractContigSamplesShifted24bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited information discl... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0796.json • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0797 – libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0797
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the _TIFFmemcpy function in libtiff/tif_unix.c when called by functio... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0797.json • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0798 – libtiff: out-of-bounds read in extractContigSamplesShifted8bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0798
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractContigSamplesShifted8bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited information disclo... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0798.json • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0799 – libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0799
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to a use-after-free problem in the extractContigSamplesShifted32bits function in tools/tiffcrop.c, resulting in a Denial of Service. It was discovered that Li... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0799.json • CWE-416: Use After Free •