CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0799 – libtiff: use-after-free in extractContigSamplesShifted32bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0799
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to a use-after-free problem in the extractContigSamplesShifted32bits function in tools/tiffcrop.c, resulting in a Denial of Service. It was discovered that Li... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0799.json • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0800 – libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0800
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modificati... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0800.json • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0801 – libtiff: out-of-bounds write in _TIFFmemcpy() in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0801
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the _TIFFmemcpy function in libtiff/tif_unix.c when called by funct... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0801.json • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0802 – libtiff: out-of-bounds write in extractContigSamplesShifted32bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0802
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted32bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modificati... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0802.json • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0803 – libtiff: out-of-bounds write in extractContigSamplesShifted16bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0803
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modificati... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0803.json • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0804 – libtiff: out-of-bounds write in extractContigSamplesShifted24bits() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2023-0804
13 Feb 2023 — LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted24bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modificati... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0804.json • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-48281 – libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2022-48281
23 Jan 2023 — processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. A vulnerability was found in libtiff. This vulnerability occurs due to an issue in processCropSelections in the tools/tiffcrop.c function in LibTIFF that has a heap-based buffer overflow (for example, "WRITE of size 307203") via a crafted TIFF image. It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed im... • https://gitlab.com/libtiff/libtiff/-/commit/d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 1CVE-2022-3970 – LibTIFF tif_getimage.c TIFFReadRGBATileExt integer overflow
https://notcve.org/view.php?id=CVE-2022-3970
13 Nov 2022 — A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tif_getimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137 • CWE-189: Numeric Errors CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-3626 – libtiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c
https://notcve.org/view.php?id=CVE-2022-3626
21 Oct 2022 — LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c:340 when called from processCropSelections, tools/tiffcrop.c:7619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en _TIFFmemset en el archivo libtiff/tif_unix.c:340 cuando se llama desde processCropSelections, tools/tiffcrop.c:7619, lo que permite a atacan... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3626.json • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-3627 – libtiff: out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c
https://notcve.org/view.php?id=CVE-2022-3627
21 Oct 2022 — LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. LibTIFF versión 4.4.0, presenta una escritura fuera de límites en _TIFFmemcpy en el archivo libtiff/tif_unix.c:346 cuando se llama desde extractImageSection, tools/tiffcrop.c:6860, permitiendo a atacantes cau... • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3627.json • CWE-787: Out-of-bounds Write •