CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-9533 – libtiff: PixarLog horizontalDifference heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9533
tif_pixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka "PixarLog horizontalDifference heap-buffer-overflow." tif_pixarlog.c en libtiff 4.0.6 tiene vulnerabilidades de escritura fuera de límites en bufers alojados en memoria dinámica. Reportada como SVR 35094, vulnerabilidad también conocida como "PixarLog horizontalDifference heap-buffer-overflow". • http://rhn.redhat.com/errata/RHSA-2017-0225.html http://www.debian.org/security/2017/dsa-3762 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94742 https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-bdc795f6afeb9558c1012b3cfae729ef https://access.redhat.com/security/cve/CVE-2016-9533 https://bugzilla.redhat.com/show_bug.cgi?id=1397769 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2016-9534 – libtiff: TIFFFlushData1 heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9534
tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow." tif_write.c en libtiff 4.0.6 tiene un problema en la ruta del código de error de TIFFFlushData1() que no restableció los miembros tif_rawcc y tif_rawcp. Reportado como MSVR 35095, vulnerabilidad también conocida como "TIFFFlushData1 heap-buffer-overflow". • http://rhn.redhat.com/errata/RHSA-2017-0225.html http://www.debian.org/security/2017/dsa-3762 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94743 https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-5be5ce02d0dea67050d5b2a10102d1ba https://access.redhat.com/security/cve/CVE-2016-9534 https://bugzilla.redhat.com/show_bug.cgi?id=1397751 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2016-9535 – libtiff: Predictor heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9535
tif_predict.h and tif_predict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105, aka "Predictor heap-buffer-overflow." tif_predict.h y tif_predict.c en libtiff 4.0.6 tienen aserciones que pueden conducir a fallos de aserción en modo debug, o desbordamientos de búfer en modo de liberación, cuando trata con un tamaño inusual de tile como YCbCr con submuestreo. Reportado como MSVR 35105, vulnerabilidad también conocida como "Predictor heap-buffer-overflow". • http://rhn.redhat.com/errata/RHSA-2017-0225.html http://www.debian.org/security/2017/dsa-3844 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94744 https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1 https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33 https://access.redhat.com/security/cve/CVE-2016-9535 https://bugzilla.redhat.com/show_bug.cgi?id=1397755 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-9536 – libtiff: t2p_process_jpeg_strip heap-buffer-overflow
https://notcve.org/view.php?id=CVE-2016-9536
tools/tiff2pdf.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers in t2p_process_jpeg_strip(). Reported as MSVR 35098, aka "t2p_process_jpeg_strip heap-buffer-overflow." tools/tiff2pdf.c en libtiff 4.0.6 tiene vulnerabilidades de escritura fuera de límites en bufers alojados en memoria dinámica en t2p_process_jpeg_strip(). Reportado como MSVR 35098, vulnerabilidad también conocida como "t2p_process_jpeg_strip heap-buffer-overflow". • http://rhn.redhat.com/errata/RHSA-2017-0225.html http://www.debian.org/security/2017/dsa-3762 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94745 https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-5173a9b3b48146e4fd86d7b9b346115e https://access.redhat.com/security/cve/CVE-2016-9536 https://bugzilla.redhat.com/show_bug.cgi?id=1397758 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2016-9537 – libtiff: Out-of-bounds write vulnerabilities in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2016-9537
tools/tiffcrop.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in buffers. Reported as MSVR 35093, MSVR 35096, and MSVR 35097. tools/tiffcrop.c en libtiff 4.0.6 tiene vulnerabilidades de escritura fuera de límites en bufers. Reportado como MSVR 35093, MSVR 35096 y MSVR 35097. • http://rhn.redhat.com/errata/RHSA-2017-0225.html http://www.debian.org/security/2017/dsa-3762 http://www.securityfocus.com/bid/94484 http://www.securityfocus.com/bid/94746 https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-c8b4b355f9b5c06d585b23138e1c185f https://access.redhat.com/security/cve/CVE-2016-9537 https://bugzilla.redhat.com/show_bug.cgi?id=1397760 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •