CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0801 – libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0801
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the _TIFFmemcpy function in libtiff/tif_unix.c when called by funct... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0801.json • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0802 – libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0802
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted32bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modificati... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0802.json • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0803 – libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0803
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modificati... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0803.json • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0804 – libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0804
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted24bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modificati... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0804.json • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-48281 – libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2022-48281
23 Jan 2023 — processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. A vulnerability was found in libtiff. This vulnerability occurs due to an issue in processCropSelections in the tools/tiffcrop.c function in LibTIFF that has a heap-based buffer overflow (for example, "WRITE of size 307203") via a crafted TIFF image. It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed im... • https://gitlab.com/libtiff/libtiff/-/commit/d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 1CVE-2022-3970 – LibTIFF tif_getimage.c TIFFReadRGBATileExt integer overflow
https://notcve.org/view.php?id=CVE-2022-3970
13 Nov 2022 — A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137 • CWE-189: Numeric Errors CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-3598 – libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2022-3598
21 Oct 2022 — LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en extractContigSamplesShifted24bits en el archivo tools/tiffcrop.c:3604, lo que permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los u... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3598.json • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3597 – libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix
https://notcve.org/view.php?id=CVE-2022-3597
21 Oct 2022 — LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en el archivo _TIFFmemcpy en libtiff/tif_unix.c:346 cuando es llamado desde extractImageSection, tools/tiffcrop.c:6826, permitiendo a atacantes c... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3597.json • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3599 – libtiff: out-of-bounds read in writeSingleSection in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2022-3599
21 Oct 2022 — LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. LibTIFF versión 4.4.0, presenta una lectura fuera de límites en writeSingleSection en el archivo tools/tiffcrop.c:7345, lo que permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los usuarios que compilan libtiff desd... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3599.json • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-3626 – libtiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c
https://notcve.org/view.php?id=CVE-2022-3626
21 Oct 2022 — LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en _TIFFmemset en el archivo libtiff/tif_unix.c:340 cuando se llama desde processCropSelections, tools/tiffcrop.c:7619, lo que permite a atacan... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3626.json • CWE-787: Out-of-bounds Write •