CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9538
https://notcve.org/view.php?id=CVE-2016-9538
tools/tiffcrop.c in libtiff 4.0.6 reads an undefined buffer in readContigStripsIntoBuffer() because of a uint16 integer overflow. Reported as MSVR 35100. tools/tiffcrop.c en libtiff 4.0.6 lee un búfer no definido en readContigStripsIntoBuffer() a causa de un desbordamiento de entero uint16. Reportado como MSVR 35100. • http://www.debian.org/security/2017/dsa-3762 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94753 https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-9536 – libtiff: t2p_process_jpeg_strip heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9536
tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow." tools/tiff2pdf.c en libtiff 4.0.6 tiene vulnerabilidades de escritura fuera de límites en bufers alojados en memoria dinámica en t2p_process_jpeg_strip(). Reportado como MSVR 35098, vulnerabilidad también conocida como "t2p_process_jpeg_strip heap-buffer-overflow". • http://rhn.redhat.com/errata/RHSA-2017-0225.html http://www.debian.org/security/2017/dsa-3762 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94745 https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-5173a9b3b48146e4fd86d7b9b346115e https://access.redhat.com/security/cve/CVE-2016-9536 https://bugzilla.redhat.com/show_bug.cgi?id=1397758 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2016-9534 – libtiff: TIFFFlushData1 heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9534
tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow." tif_write.c en libtiff 4.0.6 tiene un problema en la ruta del código de error de TIFFFlushData1() que no restableció los miembros tif_rawcc y tif_rawcp. Reportado como MSVR 35095, vulnerabilidad también conocida como "TIFFFlushData1 heap-buffer-overflow". • http://rhn.redhat.com/errata/RHSA-2017-0225.html http://www.debian.org/security/2017/dsa-3762 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94743 https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-5be5ce02d0dea67050d5b2a10102d1ba https://access.redhat.com/security/cve/CVE-2016-9534 https://bugzilla.redhat.com/show_bug.cgi?id=1397751 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-9533 – libtiff: PixarLog horizontalDifference heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9533
tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka "PixarLog horizontalDifference heap-buffer-overflow." tif_pixarlog.c en libtiff 4.0.6 tiene vulnerabilidades de escritura fuera de límites en bufers alojados en memoria dinámica. Reportada como SVR 35094, vulnerabilidad también conocida como "PixarLog horizontalDifference heap-buffer-overflow". • http://rhn.redhat.com/errata/RHSA-2017-0225.html http://www.debian.org/security/2017/dsa-3762 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94742 https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-bdc795f6afeb9558c1012b3cfae729ef https://access.redhat.com/security/cve/CVE-2016-9533 https://bugzilla.redhat.com/show_bug.cgi?id=1397769 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-9540 – libtiff: cpStripToTile heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9540
tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow." tools/tiffcp.c en libtiff 4.0.6 tiene una escritura fuera de límites en imágenes tiled con un ancho de tile extraño frente al ancho de la imagen. Reportado como MSVR 35103, vulnerabilidad también conocida como "cpStripToTile heap-buffer-overflow". • http://rhn.redhat.com/errata/RHSA-2017-0225.html http://www.debian.org/security/2017/dsa-3762 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94747 https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3 https://access.redhat.com/security/cve/CVE-2016-9540 https://bugzilla.redhat.com/show_bug.cgi?id=1397768 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •