CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0797 – libtiff: out-of-bounds read in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0797
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the _TIFFmemcpy function in libtiff/tif_unix.c when called by functio... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0797.json • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-48281 – libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2022-48281
23 Jan 2023 — processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. A vulnerability was found in libtiff. This vulnerability occurs due to an issue in processCropSelections in the tools/tiffcrop.c function in LibTIFF that has a heap-based buffer overflow (for example, "WRITE of size 307203") via a crafted TIFF image. It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed im... • https://gitlab.com/libtiff/libtiff/-/commit/d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 1CVE-2022-3970 – LibTIFF tif_getimage.c TIFFReadRGBATileExt integer overflow
https://notcve.org/view.php?id=CVE-2022-3970
13 Nov 2022 — A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137 • CWE-189: Numeric Errors CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-3626 – libtiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c
https://notcve.org/view.php?id=CVE-2022-3626
21 Oct 2022 — LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en _TIFFmemset en el archivo libtiff/tif_unix.c:340 cuando se llama desde processCropSelections, tools/tiffcrop.c:7619, lo que permite a atacan... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3626.json • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3597 – libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix
https://notcve.org/view.php?id=CVE-2022-3597
21 Oct 2022 — LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en el archivo _TIFFmemcpy en libtiff/tif_unix.c:346 cuando es llamado desde extractImageSection, tools/tiffcrop.c:6826, permitiendo a atacantes c... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3597.json • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-3598 – libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2022-3598
21 Oct 2022 — LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en extractContigSamplesShifted24bits en el archivo tools/tiffcrop.c:3604, lo que permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los u... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3598.json • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3599 – libtiff: out-of-bounds read in writeSingleSection in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2022-3599
21 Oct 2022 — LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. LibTIFF versión 4.4.0, presenta una lectura fuera de límites en writeSingleSection en el archivo tools/tiffcrop.c:7345, lo que permite a atacantes causar una denegación de servicio por medio de un archivo tiff diseñado. Para los usuarios que compilan libtiff desd... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3599.json • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3627 – libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c
https://notcve.org/view.php?id=CVE-2022-3627
21 Oct 2022 — LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en _TIFFmemcpy en el archivo libtiff/tif_unix.c:346 cuando se llama desde extractImageSection, tools/tiffcrop.c:6860, permitiendo a atacantes cau... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3627.json • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 2CVE-2022-1354 – libtiff: heap-buffer-overflow in TIFFReadRawDataStriped() in tiffinfo.c
https://notcve.org/view.php?id=CVE-2022-1354
31 Aug 2022 — A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service. Se ha encontrado un fallo de desbordamiento del búfer de la pila en el archivo tiffinfo.c de Libtiffs, en la función TIFFReadRawDataStriped(). Este defecto permite a un atacante pasar un archivo TIFF diseñado a la herramienta tiffinfo, de... • https://access.redhat.com/security/cve/CVE-2022-1354 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.6EPSS: 0%CPEs: 10EXPL: 2CVE-2022-1355 – libtiff: stack-buffer-overflow in tiffcp.c in main()
https://notcve.org/view.php?id=CVE-2022-1355
31 Aug 2022 — A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service. Se ha encontrado un fallo de desbordamiento del búfer de la pila en la función main() del archivo tiffcp.c de Libtiffs. Este defecto permite a un atacante pasar un archivo TIFF diseñado a la herramienta tiffcp, desencadenando... • https://access.redhat.com/security/cve/CVE-2022-1355 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •